我正在使用powershell脚本在Windows目录及其所有子文件夹中创建审核。
$DrivePath = $args[0]
$AuditUser = "Everyone"
$AuditRules = "FullControl"
$InheritType = "ContainerInherit,ObjectInherit"
$AuditType = "Success,Failure"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAuditRule($AuditUser,$AuditRules,$InheritType,"None",$AuditType)
$ACL = Get-Acl $DrivePath
$ACL.SetAuditRule($AccessRule)
$ACL | Set-Acl $DrivePath
运行脚本后,将为根目录创建审核,但所有子文件夹都禁用了复选框 - “包含此对象父项的可继承审核条目”。
我如何使用脚本并保留继承?
答案 0 :(得分:0)
$ACL = Get-Acl $DrivePath
$ACL.SetAuditRule($AccessRule)
# Add this line
$ACL.SetAuditRuleProtection($True, $False)
$ACL | Set-Acl $DrivePath