Hi,
I am really struggling with the concept of CIFS / NTFS auditing.
'vserver audit command enables or disables auditing, defines log location files, manages log rotation,
and so on.'
The vserver create command also includes the following parameters:
{file-ops|cifs-logon-logoff|cap-staging|file-share|audit-policy-change|user-account|authorization-policy-change|security-group}
The vserver create command seems to include file/folder event logging, so why do I need to then go on to use the 'vserver security file-directory ntfs' commands to create SACLs on files and folders?
Thanks