Remove From My Forums

Enable Folder Audit

General discussion
0

Sign in to vote
I am trying to develop a script to enable folder Auditing on multiple server and several folders on them.

However I am unable to run this code against remote servers, this script runs fine if I run locally on each server.

Appreciate any help

Below is my code

$Computers = Get-Content ".\servers.txt"

$results = foreach ($computer in $Computers)
{
If (test-connection -ComputerName $computer -Count 1 -Quiet)
    {
        Try {
        $paths = Get-Content ".\paths.txt"
        foreach ($path in $paths)
        {
$ACL = Get-Acl $path
$AuditRule = New-Object Security.AccessControl.FileSystemAuditRule ("everyone","FullControl", "None, None", "None", "fail")
$ACL.SetAuditRule($AuditRule)
$ACL.SetAuditRuleProtection($true,$false)
$ACL | Set-Acl $path
$status = "Success"
}
}
Catch {
            $status = "Failed"
}}
else
    {
        $status = "Unreachable"
    }
    New-Object -TypeName PSObject -Property @{
        'Computer'=$computer
        'Status'=$status
    }}
    $results |
Export-Csv -NoTypeInformation -Path ".\Audit-out.csv"
- Edited by Aves-Bilal Tuesday, November 12, 2019 11:14 PM removed spaces
- Changed type Bill_Stewart Tuesday, April 14, 2020 5:07 PM
- Moved by Bill_Stewart Tuesday, April 14, 2020 5:08 PM This is not "fix/debug/rewrite my script for me" forum
Tuesday, November 12, 2019 11:08 PM

All replies

0

Sign in to vote

You are trying to use a local path to set a remote compute5r. That won't work. You must use a remote path. Use a UNC path or a mapped drive.

Giving Everyone full control seems very dangerous.

You can set global security very easily through a GPO.

\_(ツ)_/

Tuesday, November 12, 2019 11:29 PM
0

Sign in to vote

Thank you for looking into the code.

You are trying to use a local path to set a remote compute5r. That won't work. You must use a remote path. Use a UNC path or a mapped drive.

Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of local path (Ex \\Servername\c$\xyzFolder) however it doesn't work, I get a error that folder does not exists.

Giving Everyone full control seems very dangerous.

Ans.... I am just adding audit "Fail" for everyone generic group, not giving any permissions.. This is part of server hardening

You can set global security very easily through a GPO.

This is a one time activity hence want to develop a script which can be also used after a new server is built.

Any help would be appreciated

Regards

Bilal.

Wednesday, November 13, 2019 1:28 PM
0

Sign in to vote

Please read the first post at the top of this forum:

This forum is for scripting questions rather than script requests

-- Bill Stewart [Bill_Stewart]

Wednesday, November 13, 2019 2:57 PM
0

Sign in to vote

Please read the first post at the top of this forum:
I hope this forum is to help people learning scripting, I have already developed a script which works but not able to run it against remote servers, here i am not expecting someone to write a script for me. I am just seeking help to point to the approach.

Wednesday, November 13, 2019 3:03 PM
0

Sign in to vote

It's already been explained why what you are doing won't work.

For the script to work you would need to run it on the remote computer or modify the paths.
-- Bill Stewart [Bill_Stewart]

Wednesday, November 13, 2019 3:04 PM
0

Sign in to vote

You can set global security very easily through a GPO.

This is a one time activity hence want to develop a script which can be also used after a new server is built.

Group Policy is designed to manage one time activities and enforce them. What you are doing is best done with a GPO.

\_(ツ)_/

Wednesday, November 13, 2019 6:11 PM
0

Sign in to vote

Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of local path (Ex \\Servername\c$\xyzFolder) however it doesn't work, I get a error that folder does not exists.

.

If the folder doesn't exist then it doesn't exist. We cannot help you with that. You will have to discover why you logic and assumptions are failing.
\_(ツ)_/

Wednesday, November 13, 2019 6:13 PM

Asked by:

Enable Folder Audit

General discussion

All replies