Hi,
As far as I know no operating system intimating or storing or holding user info who changed a file/directory. But, by writing file system filter driver we can fetch user name who changed a file/directory. This is kernel mode programming. I can't do that (management will feel risky). I want to that from user mode. I need some windows API to get user details when someone changed file/directory. I looked many API none I found useful.
If someone have idea about this please let me know. I hope some undocumented windows APIs can do this.