![]() ![]() ![]() |
右键单击要审核 的共享文件夹,选择Properties,然后单击 Security选项卡 → 选择 Advanced,然后单击 Auditing选项卡 → 对于 Everyone组,添加以下条目:
Principal | Type | Access | Applies To | |
---|---|---|---|---|
File/folder changes | Everyone | Success, Failure |
|
This Folder, sub folders, and files |
Folder permission and owner changes | Everyone | Success, Failure |
|
This Folder and sub folders |
File read | Everyone | Success, Failure |
|
Files only |
Folder read failure | Everyone | Failure |
|
This Folder and sub folders |
转到 PowerShell 命令提示符 中的<安装目录>\bin文件夹 → 键入ADAP-Set-SACL.ps1 → 按照步骤将对象级审核应用于文件服务器上的共享。
示例:
\\SERVERNAME\folder,FA
C:\test 文件夹,FA
E:\test 文件夹,FIM
\\SERVERNAME\c$\folder,FIM
获得列出所有服务器和所需审核类型的 CSV 文件后,请转到PowerShell 命令提示符内的
输入:
.\ADAP-Set-SACL.ps1 -file '.\file name' -mode add (or) remove -recurse true (or) false -username DOMAIN_NAME\username
在哪里
parameter | input variable | mandatory |
---|---|---|
-file | name of the CSV file containing the list of shared folders | yes |
-mode | add - sets the object-level auditing settings (or) remove - removes the object-level auditing settings |
yes |
-recurse | true - Replace all sub-folder object-level auditing settings with inheritable auditing settings applied to the chosen folder. (or) false - Apply object-level auditing settings only to the chosen folder Note: By default, the -recurse parameter is set to false |
no |
-username | DOMAIN_NAME\username of the user with privilege over the file or folder to set the object-level auditing settings. (No cross-domain support) |
no |
注意:删除一组文件夹的对象级审核时, -type 参数 不是必需的。 |
例如:
![]() ![]() ![]() |