Link to home
Start Free TrialLog in
Avatar of jmatarranz
jmatarranzFlag for Spain

asked on

adding permission to auditing

Hi experts,

In Windows folders advanced security settings i need to auditing in a folder and all of subfolders and files (see the attached file). The problem is that much of subfolders have broken the inheritance, and there are a lot of subfolders for do it manually. So do you know a powershell script or other utility to propagate the auditing to all folders, subfolders and files?

Thanks in advance.
auditing.jpg
Avatar of BT15
BT15
Flag of United States of America image
i strongly suggest that you run this on a test folder first..

I borrowed the set-acl sequence from here http://www.vistax64.com/powershell/205062-enable-folder-audit-powershell-script.html 

this should enable auditing on the parent folder, and then do the same for all of the subfolders, regardless of their inheritance

$ACL = new-object System.Security.AccessControl.DirectorySecurity
$AccessRule = new-object System.Security.AccessControl.FileSystemAuditRule("everyone","Modify","ContainerInherit, ObjectInherit", "None","success")
$ACL.SetAuditRule($AccessRule)

$startpath = "c:\test"
$ACL | Set-Acl $startpath

$folders = Get-ChildItem $startpath -Recurse | ?{$_.attributes -eq "Directory"}

foreach ($folder in $folders){

$ACL | Set-Acl $folder.fullpath
}

Open in new window

Avatar of jmatarranz
jmatarranz
Flag of Spain image

ASKER

The script adds the audit permissions well but delete the access groups, so now there is no access. Good i try it in a test server :)

any other suggestions?

thanks.
ASKER CERTIFIED SOLUTION
Avatar of BT15
BT15
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial