file modifiers username across network connection impossible?

DutchCoder wrote:

Hi all, I'm running into this problem when it comes to determining a network logged on username and i hope someone can help me out or atleast point me in the right direction. Situation: 1 Windows 2003 server that is serving files through Active directory. No Dfs installed, just plain files sharing. 1 or multiple clients that access the files, make modifications and creates or deletes files. For arguments sake let's say that the clients are Windows XP computer and the users are logged on to the local domain (AD). Currently available: When the client alters, creates or deletes a file i have a (VB.Net Windows Service) script that tells me that this is being done and stores a record in a database for this action being performed. Desire: I wan't to know the client's ip-address, computername or logged on username so that i can store this to. I have tried about 20 different scripts but all check the username on the server side and not the client. So now i either get back "SYSTEM" or "NTAUTHORITY\SYSTEM" instead of the user's AD name. Below is the code i use to monitor the directory and or file changes. The "writeDBLog" is where i want to pass the username to write to the database. Imports System.ServiceProcess Imports System.IO Imports wrFolderSpy.dbFunc Public Class wrFolderSpy Inherits System.ServiceProcess.ServiceBase Public folderToWatch As FileSystemWatcher Protected Overrides Sub OnStart(ByVal args() As String) folderToWatch = New FileSystemWatcher folderToWatch.Path = "D:\SomeDirectory" With folderToWatch .NotifyFilter = .NotifyFilter Or NotifyFilters.FileName .NotifyFilter = .NotifyFilter Or NotifyFilters.Attributes .IncludeSubdirectories = True End With AddHandler folderToWatch.Created, AddressOf newLog AddHandler folderToWatch.Deleted, AddressOf newLog folderToWatch.EnableRaisingEvents = True End Sub Private Sub newLog(ByVal Source As Object, ByVal evt As FileSystemEventArgs) If evt.ChangeType = WatcherChangeTypes.Created Then writeDBLog(evt.FullPath, "created") ElseIf evt.ChangeType = WatcherChangeTypes.Deleted Then writeDBLog(evt.FullPath, "deleted") End If End Sub End Class Any suggestions?

DutchCoder,

This class is based on the ReadDirectoryChangesW api function in Windows, which, unfortunately, does not give information about who is performing the change, so you won't be able to see who made the last change.

Hope this helps.

- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard.caspershouse.com

casperOne at 2007-8-21 >

I'm not sure if you're still looking into this problem. I gave this my best shot yesterday and didn't find a satisfying way to get the ModifiedBy user.

I'm getting in contact with some file system experts here at MS, and we'll see if we can find a way.

Thanks,

Paul Yuknewicz

PaulYuk_MS at 2007-8-21 >