Jump to content
Sign in to follow this  
avery

Set Auditing on Files and Folders

Recommended Posts

avery

Hello,

I have been banging my head on the wall with my latest au3 creation. I have been tasked to setup classified government computer systems with NISPOM system requirements. Simply put, enable some auditing.

I am stuck on the part here I add auditing to files and folders. I have been trying to figure out this setACL.exe tool for days but it's so damn cryptic and I am still not even sure if it can do what I want.

Task: Clear all Auditing for %SystemRoot% so I can apply the inf security template using secedit.exe or figure out how to enable auditing on certain files like recording failures to delete a file.

Reference: setACL.exe Docs

Things I've tried:

setACL.exe -on C:\WINDOWS -ot file -actn rstchldrn -rst dacl -op "dacl:np" -rec cont_obj

setACL.exe -on C:\WINDOWS -ot file -actn clear -clr dacl -rst sacl

setACL.exe -on C:\WINDOWS -ot file -actn rstchldrn -rst dacl -op "dacl:np"

setACL.exe -on "c:\WINDOWS" -ot file -actn ace -ace "n:S-1-1-0;m:revoke;s:y" -ace "n:S-1-5-32-545;m:revoke;s:y" -ace "n:S-1-5-32-547;m:revoke;s:y" -ace "n:S-1-5-32-544;p:full;s:y" -ace "n:S-1-5-18;p:full;s:y"

My job is paying me good money to make a tool that does this for 300+ files in random locations for over 6,000 systems. It will save us tons of time. I am so frustrated with my lack of ability to figure this out I will honestly pay someone a nice tax free tip for tutoring me on setacl.exe or a way to make AutoIt3 set the auditing for files.

Please reply or pm me.


www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org

Share this post


Link to post
Share on other sites
avery

*shameless bump*

I am still researching how to make these ace strings to better understand how to use setacl or au3 wmi calls to set auditing on files/folders.

Does anyone here have experience with it? I see that other languages like visual basic and .net can do this but not sure how to make my AutoIt3 project do it or with an external tool like setACL.exe

Please and thank you very much for any help you can offer.


www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.