Windows Event Log ID

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Might as well ask this in here.

We have a server which someone keeps changing the region to USA instead of UK. Does it fire an event when the item is changed and if so, whats the event ID number.

What I want to do is write a service which will mail the IS department when someone changes it so we can catch who it is

Cheers

 

We have a thrid party item to make holiday bookings with that the company bought. The owners of the code wanted access to the server to do updates etc so we had to give them access. If it was upto us they wouldn't be allowed in.

We also had to give them full admin rights on the server because some of their code won't work because its not that good. Wasnt my choice, I just work with the problem

 

Bloody hell, what a nightmare. If you must allow access I would lock the server down via GPO as much as possible, you can I think start with:

User Config
-- Administrative Templates
-- Control Panel
-- Regional & Language Options
-- Restrict selection of Windows etc etc [Enable]

This setting restricts users to the specified language by disabling the menus and dialog box controls in the Regional and Language Options Control Panel. If the specified language is not installed on the target computer, the language selection defaults to English.

Hope it helps
G

 

Nope, we can't do that. The code won't run if we did that, ours written in house would be great, theirs wouldn't work. Its bedroom programming at its best

 

If that's the scenario I would have told the company to bugger off, you're the client in this case so you've had the code written for you, so they have to program it to fit into the way your company works not the other way round. Methinks who ever took this company on needs shooting.

 

Toadeh,
Are you saying you cannot create GPOs on one of your servers because it would prevent developers code working? If so, thats bad news mate, what if you really had to have locale set to UK to run SQL or something? Why not hide control panel then, surely you can do this without denting their code?

Are you sure its not their code that keeps changing the locale

What about turning on auditing thru GPO and then on the root of the server to trace their logins, I take it they do have a seperate login from IT staff in your company?

If they dont, they need one!

G

 

Yeah they have their own login. Its basically a rubbish system which the company took on whilst I was in high school (i am that young) and they have stuck with it.

We put an empty trigger on a database and they decided it broke their code, this is the level we are dealing with

Like the idea of turning on the auditing, might suggest that one.

 

So let's say that auditing discovers that it's their login that's changing the region to USA (either through them doing it manually, or their weak code changing it). Given your current lack of ability to restrict them or stop using their services, what are you going to do? Tell them sternly not to change it again?

If their code breaks when you implement GPOs, you're working with the wrong company... and if management refuses to see that, that's a danger sign of a larger problem that I'd not ignore. If it were me, I'd be posting resumes within the day.

 

I'm guessing the code is changing the format to USA so it can read date formats for whatever reasons correctly? if thats the case then surely they can redesign the code to do it the UK way and hence leave the format to UK!

 

Personally, I wouldnt give them the ability to log into your servers whenever they feel the need. I would do whatever was necessary to prevent them logging onto the server, and when they needed to get on to make a change, they would need to request it with you guys first, and then have someone watching them when they ARE on the server.

There is no reason really why a third party vendor should be able to make changes to your live system willy nilly, and if they are then its a shoddy system at best. i really do hope you guys arent paying for that rubbish.

 

Yeah I agree with all the suggestions, There is not a lot I can do though, since I am just a developer trying to get round the issue and the management won't tell them to sod off cause the system is too integrated. Its mainly on there own server that we have (we don't let them access SQL servers or our filestores). The idea being, if they break it, its their problem, but the date format does leak into our sql data because of it.

If i had my way i would not allow them on, but i'm just a software developer here so its nowt to do with me