Is there a log file in Samba to keep track of users' access?

Is there a log file in Samba to keep track of users' access?

I am currently running Suse 8.2 as a file and print server (Samba) to my windows clients. It works great! Unfortunately I have some malicious users on my network who like to delete files as a means of getting out of work. I was able to set up a "recycle bin" for Samba so nothing is actually being deleted, but what I really need is a way to nail the guilty parties. Is there a log file I can set up to keep track of who accessed what files and what they did with them -- i.e. deleted, changed and so on?

    Requires Free Membership to View

    Login

    When you register, my team of editors will also send you resources covering Linux administration and management; integration and interoperability between Linux, Windows and Unix; securing Linux and mixed-platform environments; and migrating to Linux.

    Cathleen A. Gagne, Senior Editorial Director

    By submitting your registration information to SearchEnterpriseLinux.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchEnterpriseLinux.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Check out the new Samba-3.0.0 VFS module called "extd_audit.so". It is well documented in the SAmba-3.0.0 HOWTO Collection. You can obtain this document from:

http://samba.org:~jht/HOWTO/Samba-HOWTO-Collection.pdf

Enjoy!

This was first published in September 2003