Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configuring object level auditing - Using PowerShell cmdlets

    To audit file and folder access, object-level auditing must be enabled. This can be achieved in three ways:

    • Using Windows shares
    • Using PowerShell cmdlets
    • Using Global Object Access Auditing

    Using PowerShell cmdlets

    • Create a CSV file containing the Universal Naming Convention (UNC) path or local path and the type of auditing (FIM) of all the folders that you want to enable auditing for.
    • The CSV file should contain the list of folders in the following format: <folder>,<type>
      For example:
      E:\test folder,FIM
      \\SERVERNAME\c$\folder,FIM
    • Note:
      When removing object-level auditing for a set of folders, the <type>strong> parameter is not mandatory.

      Once you have the CSV file that lists all the servers and the type of auditing required, go to the <Installation Directory>\bin folder within the PowerShell command prompt and type in:
      .\ADAP-Set-SACL.ps1 -file '.\file name' -mode add (or) remove -recurse true (or) false -username DOMAIN_NAME\username

    Where:

    Parameter Input variable Mandatory
    -mode The name of the CSV file containing the list of shared folders. Yes
    -file Add: Sets the object-level auditing settings.
    (or)
    Remove: Removes the object-level auditing settings.
    Yes
    -recurse True: Replace all subfolder object-level auditing settings with inheritable auditing settings applied to the chosen folder.
    (or)
    False: Apply object-level auditing settings only to the chosen folder.
    Note: By default, the -recurse parameter is set to false.
    No
    -username DOMAIN_NAME\username: The user with the privileges to set the object-level auditing settings for the file or folder
    (no cross-domain support).
    No

    For example

    • To set object-level auditing for the list of folders in a CSV file named folders.CSV, use:
      .\ADAP-Set-SACL.ps1 -file '.\folders.CSV' -mode add
    • To replace all subfolder object-level auditing settings with inheritable auditing settings applied to a CSV file named folders.CSV, use:
      .\ADAP-Set-SACL.ps1 -file '.\folders.CSV' -mode add -recurse true
    • To remove object-level auditing for the list of folders in a CSV file named folders.CSV, use:
      .\ADAP-Set-SACL.ps1 -file '.\folders.CSV' -mode remove

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       

    On this page

    Get download link