Viewing security information for files and registry  keys

From the Servers folder, you can view security information for registry keys and files on Windows servers using NTFS.

This procedure lets you view discretionary ACLs (DACLs) and system ACLs (SACLs) for a selected file or registry key.

To view security information

  1. Do one of the following:
    • Using the Servers folder, expand a server, select the Live node and then select the File System or Registry server object type. Navigate to the file or registry key for which you want information. Right-click the file or registry key, and select Properties from the pop-up menu. A Properties dialog box appears. If you are displaying properties for a file, click the Security tab.
    • Using the results of a snapshot job, right-click a file or registry key displayed within the Server View node of the Snapshot Job results and select Properties from the pop-up menu. A Properties dialog box appears. If you are displaying properties for a file, click the Security tab.

    • The Security tab shows users and groups who are granted permissions for the selected file or registry key. 

      Note

      • The inheritance check box at the bottom of the screen refers to standard Windows permissions, not BMC Server Automation permissions.
      • To display security information for snapshot results, the Snapshot Job must be defined to include file or registry ACLs.
  2. To view detailed information about permissions granted to users, select a user and click View Details g_v95_PropertiesIcon.gif. A dialog box displays the permissions granted or denied for this file to the selected user. Click Close to close the dialog box.

  3. To view audit settings, click the Auditing side tab. A dialog box displays setup information about events that are logged to the Windows system security event log. Setup information is listed by user and by type of event (that is, failure or success). 

    Note

    By default, the Auditing tab is only available when you are using user privilege mapping to access a server. If you are using Windows user mapping, you must explicitly grant the "Manage auditing and security log" permission to the user to which you are mapped on the server in question. To accomplish this, as an Administrator, open the Windows Administrative Tools on the server you are accessing. Then open Local Security Policy followed by User Rights Assignment. Select the properties for the "Manage auditing and security log" permission and add the user who should have this permission.

    For more information about user privilege mapping and Windows user mapping, see Automation-principals-and-server-management.

  4. To view information about permissions causing an event to fail or succeed, select an event type, such as failures for Administrator on a particular machine, and then click View ACL Details g_v95_PropertiesIcon.gif. A dialog box shows the permissions that cause events to be logged to the Windows system event log. Click Close to close the dialog box.
  5. Click Close to close the dialog box.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*