我正在尝试运行 Powershell 脚本来C:\Windows\security
在 Windows 2008 系统上的文件夹上设置审计规则。
以下是脚本:
$FileDirList = ("C:\Windows\security")
$AccountName = New-Object System.Security.Principal.NTAccount("Everyone")
$FileSystemRight = [System.Security.AccessControl.FileSystemRights]::FullControl
$AuditFlag = [System.Security.AccessControl.AuditFlags]::Failure
$InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::None
$PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None
#
#write-OSPBOSbuildLog "Applying Audit Setting"
#
foreach ($FileDirName in $FileDirList) {
#write-OSPBOSbuildLog ">>>>> Appying audit setting to $FileDirName"
$AuditRule = New-Object System.Security.AccessControl.FileSystemAuditRule $AccountName, $FileSystemRight, $InheritanceFlag, $PropagationFlag, $AuditFlag
$objACL = Get-ACL $FileDirname
$objACL.AddAuditRule($AuditRule)
Set-ACL $FileDirname $objACL
但我收到如下所示的错误:
Set-Acl : Attempted to perform an unauthorized operation.
At C:\IBM\File-Perm.ps1:22 char:12 + Set-ACL <<<< $FileDirname $objACL + CategoryInfo :
PermissionDenied: (C:\Windows:String) [Set-Acl],
UnauthorizedAccessException + FullyQualifiedErrorId :
System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.SetAclCommand
请帮助我了解我需要做哪些改变?