Enable Folder Audit

  • General discussion

  • I am trying to develop a script to enable folder auditing on multiple servers and several folders on them.

    However, I am unable to run this code against remote servers; this script runs fine if I run it locally on each server.

    Appreciate any help

    Below is my code

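    $Computers = Get-Content ".\servers.txt"

    $results = foreach ($computer in $Computers)
    {
        If (Test-Connection -ComputerName $computer -Count 1 -Quiet)
        {
            Try {
                $paths = Get-Content ".\paths.txt"
                foreach ($path in $paths)
                {
                    # $path is resolved on the machine running the script; $computer is not used here.
                    # -ErrorAction Stop makes failures terminating so the Catch block sees them.
                    $ACL = Get-Acl $path -ErrorAction Stop
                    # Audit (SACL) rule: log failed access attempts by Everyone.
                    $AuditRule = New-Object Security.AccessControl.FileSystemAuditRule ("everyone","FullControl", "None, None", "None", "Failure")
                    $ACL.SetAuditRule($AuditRule)
                    # Block inherited audit rules and do not keep copies of them.
                    $ACL.SetAuditRuleProtection($true,$false)
                    $ACL | Set-Acl $path -ErrorAction Stop
                    $status = "Success"
                }
            }
            Catch {
                $status = "Failed"
            }
        }
        else
        {
            $status = "Unreachable"
        }
        # One result row per computer.
        New-Object -TypeName PSObject -Property @{
            'Computer'=$computer
            'Status'=$status
        }
    }
    $results |
        Export-Csv -NoTypeInformation -Path ".\Audit-out.csv"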

    • Edited by Aves-Bilal Tuesday, November 12, 2019 11:14 PM removed spaces
    • Changed type Bill_Stewart Tuesday, April 14, 2020 5:07 PM
    • Moved by Bill_Stewart Tuesday, April 14, 2020 5:08 PM This is not "fix/debug/rewrite my script for me" forum
    Tuesday, November 12, 2019 11:08 PM

All replies

  • You are trying to use a local path to set a remote computer. That won't work. You must use a remote path. Use a UNC path or a mapped drive.

    Giving Everyone full control seems very dangerous.

    You can set global security very easily through a GPO.


    \_(ツ)_/

    Tuesday, November 12, 2019 11:29 PM
  • Thank you for looking into the code.

    You are trying to use a local path to set a remote computer. That won't work. You must use a remote path. Use a UNC path or a mapped drive.

    Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of the local path (e.g. \\Servername\c$\xyzFolder), however it doesn't work; I get an error that the folder does not exist.

    Giving Everyone full control seems very dangerous.

    Ans... I am just adding audit "Fail" for the Everyone generic group, not giving any permissions. This is part of server hardening.

    You can set global security very easily through a GPO.

    This is a one-time activity, hence I want to develop a script which can also be used after a new server is built.

    Any help would be appreciated

    Regards

    Bilal.

    Wednesday, November 13, 2019 1:28 PM
  • Please read the first post at the top of this forum:

    This forum is for scripting questions rather than script requests


    -- Bill Stewart [Bill_Stewart]

    Wednesday, November 13, 2019 2:57 PM
  • Please read the first post at the top of this forum:

    I hope this forum is to help people learning scripting. I have already developed a script which works, but I am not able to run it against remote servers. Here I am not expecting someone to write a script for me; I am just seeking help to point to the approach.
    Wednesday, November 13, 2019 3:03 PM
  • It's already been explained why what you are doing won't work.

    For the script to work you would need to run it on the remote computer or modify the paths.


    -- Bill Stewart [Bill_Stewart]

    Wednesday, November 13, 2019 3:04 PM
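
The "run it on the remote computer" approach described in the reply above, as an added example that is not code from any poster in this thread. It assumes PowerShell remoting (WinRM) is enabled on each target and that the caller is an administrator there; the file names follow the original post.

```powershell
# Added example. servers.txt, paths.txt and Audit-out.csv are the names used in the original post.
$computers = @(Get-Content -Path '.\servers.txt')
$paths     = @(Get-Content -Path '.\paths.txt')

# This script block executes ON the target server, so C:\... resolves against that server's disk.
$setAudit = {
    param([string[]]$Paths)
    foreach ($p in $Paths) {
        if (-not (Test-Path -LiteralPath $p)) {
            [pscustomobject]@{ Path = $p; Status = 'PathNotFound' }
            continue
        }
        try {
            # -Audit makes Get-Acl read the SACL (audit entries) as well as the DACL.
            $acl  = Get-Acl -LiteralPath $p -Audit -ErrorAction Stop
            # Audit rule only: records failed access attempts by Everyone, grants no access.
            $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAuditRule `
                        -ArgumentList 'Everyone', 'FullControl', 'None', 'None', 'Failure'
            $acl.SetAuditRule($rule)
            # As in the original post: block inherited audit rules, keep no copies of them.
            $acl.SetAuditRuleProtection($true, $false)
            Set-Acl -LiteralPath $p -AclObject $acl -ErrorAction Stop
            [pscustomobject]@{ Path = $p; Status = 'Success' }
        }
        catch {
            [pscustomobject]@{ Path = $p; Status = "Failed: $($_.Exception.Message)" }
        }
    }
}

$results = foreach ($computer in $computers) {
    if (-not (Test-Connection -ComputerName $computer -Count 1 -Quiet)) {
        [pscustomobject]@{ Computer = $computer; Path = ''; Status = 'Unreachable' }
        continue
    }
    try {
        # (,$paths) passes the whole array as one argument; PSComputerName is added by remoting.
        Invoke-Command -ComputerName $computer -ScriptBlock $setAudit `
                       -ArgumentList (,$paths) -ErrorAction Stop |
            Select-Object @{ n = 'Computer'; e = { $_.PSComputerName } }, Path, Status
    }
    catch {
        [pscustomobject]@{ Computer = $computer; Path = ''; Status = "RemotingFailed: $($_.Exception.Message)" }
    }
}

$results | Export-Csv -NoTypeInformation -Path '.\Audit-out.csv'
```

The output has one row per server and path, so a missing folder on one server is reported separately from a remoting failure.
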
  • You can set global security very easily through a GPO.

    This is a one-time activity, hence I want to develop a script which can also be used after a new server is built.

    Group Policy is designed to manage one time activities and enforce them. What you are doing is best done with a GPO.


    \_(ツ)_/

    Wednesday, November 13, 2019 6:11 PM
  • Ans... these are not shared folders, they are unshared folders on C: of each server. I also tried admin shares instead of the local path (e.g. \\Servername\c$\xyzFolder), however it doesn't work; I get an error that the folder does not exist.

    If the folder doesn't exist then it doesn't exist. We cannot help you with that. You will have to discover why your logic and assumptions are failing.


    \_(ツ)_/

    Wednesday, November 13, 2019 6:13 PM