vserver audit Admin share

ousturali · ‎2019-05-16

hi ,

we had setup cifs auditing in a customer environment.It works well for normal shares ,but the customer has some hidden shares ,i mean they are like ADMIN$ or c$ ,

we cannot audit those hidden shares as normal auditing mechanizm

does anyone has an idea with this?

Thanks a lot

Vijay_ramamurthy · ‎2019-07-04

Hi ,

c$ and admin$ are administrative shares and are hidden. Only administrators have access to these shares.

We cannot set share permissions and file security on these shares.

Do you know what do we want to audit in these shares ?