I need to know if once File Auditing is turned on with an NT 4 Server
if it is one for everyone or if it is truly something that can be
monitored on a single user in the file system. I have searched and
searched but found no answer to this. I have always operated under
the impression that once it is turned on it is turned on for everyone
in your network and on every file/folder in your file system. However
- there is a way to edit the policy to either act on "Everyone" or by
user and/or group. As well as specific areas of ones given network
file system.

Right now my customer is operating under the impression that his
overhead will be minimul as he is only monitoring one particlar user
in the network. My understanding is that no matter how he tries to
configure it it is going to monitor "Everyone" whether he wants it too
or not. Any help on this would be greatly appreciated.