Hi, probably it's not a strictly isa-related issue but i try to ask....: i have an isa 2006 std running on windows 2003sp2 member of POL domain.
Logs are saved in a local drive and the directory is shared to allow a log analyzer (proxy inspector) to retrieve logs. Log analyzer runs on another server which is another w2k3sp2 member of POL domain.
The directory is shared with "everyone-read" in Sharing tab and in Security tab i give read only permissions to the dedicated user POL\isalogger. The fact is that after few hours permissions disappear from Security tab.
Before POL\isalogger i was trying to use another user, member of Backup Operators group and had same problem: i've read http://policelli.com/blog/?p=136 about "AdminSDHolder and Protected Groups" so i tried with another user but the problem still exixts
From: Amazon, Brazil
this happens because ISA firewall resets all permissions when any changes are made or ISACTRL service is restarted.
Q: How are DACLs affecting my ISA Server at all? A: When you configure or change any Administrative Role on ISA (regardless of Enterprise or Standard Edition), the file and registry DACLs will be modified.
Important! Any changes you made earlier in the NTFS security settings, which don't match the roles configured in ISA, will be removed!! Example: You recently added NTFS permissions to a user named BACKUP (manually, by GPO or sth. like this...). This use should be able to backup the ISA folders. All permissions you granted to this user will be removed after you make any changes or restart ISACTRL, if you haven't configured this user in the ISA Administrative Roles. Therefore your backup of ISA Server will most likely fail.