Enable Folder Audit

General discussion
-
I am trying to develop a script to enable folder auditing on multiple servers and several folders on them.
However, I am unable to run this code against remote servers; the script runs fine if I run it locally on each server.
Appreciate any help.
Below is my code:
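# List of target servers, one name per line
$Computers = Get-Content ".\servers.txt"
$results = foreach ($computer in $Computers)
{
    # Only attempt the change if the server answers a ping
    If (Test-Connection -ComputerName $computer -Count 1 -Quiet)
    {
        Try {
            # List of folders to audit, one path per line
            $paths = Get-Content ".\paths.txt"
            foreach ($path in $paths)
            {
                # $path is resolved on the machine running the script, not on $computer
                $ACL = Get-Acl $path
                # Audit failed access attempts by Everyone on this folder only (no inheritance)
                $AuditRule = New-Object Security.AccessControl.FileSystemAuditRule ("everyone","FullControl", "None, None", "None", "Failure")
                $ACL.SetAuditRule($AuditRule)
                # Protect the audit rules from inheritance and drop inherited ones
                $ACL.SetAuditRuleProtection($true,$false)
                $ACL | Set-Acl $path
                $status = "Success"
            }
        }
        Catch {
            $status = "Failed"
        }
    }
    else
    {
        $status = "Unreachable"
    }
    # One result row per server
    New-Object -TypeName PSObject -Property @{
        'Computer'=$computer
        'Status'=$status
    }
}
$results |
    Export-Csv -NoTypeInformation -Path ".\Audit-out.csv"
- Edited by Aves-Bilal Tuesday, November 12, 2019 11:14 PM removed spaces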
- Changed type Bill_Stewart Tuesday, April 14, 2020 5:07 PM
- Moved by Bill_Stewart Tuesday, April 14, 2020 5:08 PM This is not "fix/debug/rewrite my script for me" forum
Tuesday, November 12, 2019 11:08 PM
All replies
-
You are trying to use a local path to set a remote computer. That won't work. You must use a remote path. Use a UNC path or a mapped drive.
Giving Everyone full control seems very dangerous.
You can set global security very easily through a GPO.
\_(ツ)_/
Tuesday, November 12, 2019 11:29 PM -
Thank you for looking into the code.
You are trying to use a local path to set a remote computer. That won't work. You must use a remote path. Use a UNC path or a mapped drive.
Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of the local path (Ex \\Servername\c$\xyzFolder), however it doesn't work; I get an error that the folder does not exist.
Giving Everyone full control seems very dangerous.
Ans.... I am just adding audit "Fail" for everyone generic group, not giving any permissions.. This is part of server hardening
You can set global security very easily through a GPO.
This is a one time activity hence want to develop a script which can be also used after a new server is built.
Any help would be appreciated
Regards
Bilal.
Wednesday, November 13, 2019 1:28 PM -
Please read the first post at the top of this forum:
This forum is for scripting questions rather than script requests
-- Bill Stewart [Bill_Stewart]
Wednesday, November 13, 2019 2:57 PM -
Please read the first post at the top of this forum:
I hope this forum is to help people learning scripting. I have already developed a script which works but I am not able to run it against remote servers; here I am not expecting someone to write a script for me. I am just seeking help to point to the approach.
Wednesday, November 13, 2019 3:03 PM -
It's already been explained why what you are doing won't work.
For the script to work you would need to run it on the remote computer or modify the paths.
-- Bill Stewart [Bill_Stewart]
Wednesday, November 13, 2019 3:04 PM -
You can set global security very easily through a GPO.
This is a one time activity hence want to develop a script which can be also used after a new server is built.
Group Policy is designed to manage one time activities and enforce them. What you are doing is best done with a GPO.
\_(ツ)_/
Wednesday, November 13, 2019 6:11 PM -
Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of the local path (Ex \\Servername\c$\xyzFolder), however it doesn't work; I get an error that the folder does not exist.
If the folder doesn't exist then it doesn't exist. We cannot help you with that. You will have to discover why your logic and assumptions are failing.
\_(ツ)_/
Wednesday, November 13, 2019 6:13 PM
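One way to follow the advice above to run the change on the remote computer, as an added example that is not part of the original thread or any poster's code. It assumes PowerShell remoting (WinRM) is enabled on the targets, the caller is an administrator there, and the group name resolves as "Everyone" (English-language systems); `servers.txt` and `paths.txt` are the files from the question.

```powershell
# Added example: apply the audit rule inside a remote session so that every
# path in paths.txt is resolved on the target server, then read the SACL back.
$computers = Get-Content '.\servers.txt'
$paths     = Get-Content '.\paths.txt'   # local paths as seen on each server

$results = foreach ($computer in $computers) {
    try {
        # (,$paths) passes the whole list as a single argument to the script block
        Invoke-Command -ComputerName $computer -ErrorAction Stop -ArgumentList (,$paths) -ScriptBlock {
            param([string[]]$Paths)
            $ErrorActionPreference = 'Stop'   # turn cmdlet errors into catchable ones
            foreach ($path in $Paths) {
                $status = 'Success'
                try {
                    if (-not (Test-Path -LiteralPath $path)) { throw 'Path not found' }
                    # Same rule as in the question: failed access by Everyone, this folder only
                    $rule = New-Object System.Security.AccessControl.FileSystemAuditRule(
                        'Everyone', 'FullControl', 'None', 'None', 'Failure')
                    $acl = Get-Acl -LiteralPath $path -Audit   # -Audit loads the SACL
                    $acl.SetAuditRule($rule)
                    $acl.SetAuditRuleProtection($true, $false)
                    Set-Acl -LiteralPath $path -AclObject $acl

                    # Verify: the rule must be present when the SACL is re-read
                    $found = (Get-Acl -LiteralPath $path -Audit).Audit | Where-Object {
                        $_.IdentityReference.Value -eq 'Everyone' -and
                        $_.AuditFlags -match 'Failure'
                    }
                    if (-not $found) { throw 'Audit rule not present after Set-Acl' }
                }
                catch { $status = "Failed: $($_.Exception.Message)" }
                [pscustomobject]@{ Computer = $env:COMPUTERNAME; Path = $path; Status = $status }
            }
        }
    }
    catch {
        # Remoting itself failed (host down, WinRM disabled, access denied, ...)
        [pscustomobject]@{ Computer = $computer; Path = ''; Status = "RemotingFailed: $($_.Exception.Message)" }
    }
}

# Drop the PSComputerName/RunspaceId properties that remoting adds
$results | Select-Object Computer, Path, Status |
    Export-Csv -NoTypeInformation -Path '.\Audit-out.csv'
```

The audit entries only produce Security log events when file system object access auditing is also enabled in the audit policy of each server.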