FileSystemAuditRule 类
定义
表示定义文件或目录的审核规则的访问控制项 (ACE) 的抽象。Represents an abstraction of an access control entry (ACE) that defines an audit rule for a file or directory. 此类不能被继承。This class cannot be inherited.
public ref class FileSystemAuditRule sealed : System::Security::AccessControl::AuditRule
public sealed class FileSystemAuditRule : System.Security.AccessControl.AuditRule
[System.Security.SecurityCritical]
public sealed class FileSystemAuditRule : System.Security.AccessControl.AuditRule
type FileSystemAuditRule = class
inherit AuditRule
[<System.Security.SecurityCritical>]
type FileSystemAuditRule = class
inherit AuditRule
Public NotInheritable Class FileSystemAuditRule
Inherits AuditRule
- 继承
- 属性
示例
下面的代码示例使用 FileSystemAuditRule 类来添加和删除文件中的审核规则。The following code example uses the FileSystemAuditRule class to add and then remove an audit rule from a file. 你必须提供有效的用户或组帐户以运行此示例。You must supply a valid user or group account to run this example.
using System;
using System.IO;
using System.Security.AccessControl;
namespace FileSystemExample
{
class FileExample
{
public static void Main()
{
try
{
string FileName = "test.xml";
Console.WriteLine("Adding access control entry for " + FileName);
// Add the access control entry to the file.
AddFileAuditRule(FileName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure);
Console.WriteLine("Removing access control entry from " + FileName);
// Remove the access control entry from the file.
RemoveFileAuditRule(FileName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure);
Console.WriteLine("Done.");
}
catch (IOException e)
{
Console.WriteLine("Unable to open the file: " + e.Message);
}
catch (PrivilegeNotHeldException e)
{
Console.WriteLine("The current account does not have the correct privileges: " + e.Message);
}
Console.ReadLine();
}
// Adds an ACL entry on the specified file for the specified account.
public static void AddFileAuditRule(string FileName, string Account, FileSystemRights Rights, AuditFlags AuditRule)
{
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(FileName);
// Add the FileSystemAuditRule to the security settings.
fSecurity.AddAuditRule(new FileSystemAuditRule(Account,
Rights,
AuditRule));
// Set the new access settings.
File.SetAccessControl(FileName, fSecurity);
}
// Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileAuditRule(string FileName, string Account, FileSystemRights Rights, AuditFlags AuditRule)
{
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(FileName);
// Add the FileSystemAuditRule to the security settings.
fSecurity.RemoveAuditRule(new FileSystemAuditRule(Account,
Rights,
AuditRule));
// Set the new access settings.
File.SetAccessControl(FileName, fSecurity);
}
}
}
Imports System.IO
Imports System.Security.AccessControl
Module FileExample
Sub Main()
Try
Dim FileName As String = "test.xml"
Console.WriteLine("Adding access control entry for " + FileName)
' Add the access control entry to the file.
AddFileAuditRule(FileName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure)
Console.WriteLine("Removing access control entry from " + FileName)
' Remove the access control entry from the file.
RemoveFileAuditRule(FileName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure)
Console.WriteLine("Done.")
Catch e As IOException
Console.WriteLine("Unable to open the file: " & e.Message)
Catch e As PrivilegeNotHeldException
Console.WriteLine("The current account does not have the correct privileges: " & e.Message)
End Try
Console.ReadLine()
End Sub
' Adds an ACL entry on the specified file for the specified account.
Sub AddFileAuditRule(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal AuditRule As AuditFlags)
' Get a FileSecurity object that represents the
' current security settings.
Dim fSecurity As FileSecurity = File.GetAccessControl(FileName)
' Add the FileSystemAuditRule to the security settings.
fSecurity.AddAuditRule(New FileSystemAuditRule(Account, Rights, AuditRule))
' Set the new access settings.
File.SetAccessControl(FileName, fSecurity)
End Sub
' Removes an ACL entry on the specified file for the specified account.
Sub RemoveFileAuditRule(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal AuditRule As AuditFlags)
' Get a FileSecurity object that represents the
' current security settings.
Dim fSecurity As FileSecurity = File.GetAccessControl(FileName)
' Add the FileSystemAuditRule to the security settings.
fSecurity.RemoveAuditRule(New FileSystemAuditRule(Account, Rights, AuditRule))
' Set the new access settings.
File.SetAccessControl(FileName, fSecurity)
End Sub
End Module
注解
FileSystemAuditRule类表示 (ACE) 的基础访问控制项的抽象,此类指定用户帐户、提供 (读) 写权限的访问类型,以及是否执行审核。The FileSystemAuditRule class represents an abstraction of an underlying access control entry (ACE) that specifies a user account, the type of access to provide (read, write, and so on), and whether to perform auditing. 此类还可以指定如何从对象继承和传播审核规则。This class can also specify how audit rules are inherited from and propagated to objects.
若要允许 Windows NT 或更高版本上的文件和目录审核,必须在计算机上启用审核访问安全策略。To permit file and directory auditing on Windows NT or later, you must enable Audit Access Security policy on your machine. 默认情况下,此策略设置为 "无审核"。By default, this policy is set to No Auditing.
若要启用审核访问安全策略,请执行以下步骤:To enable the Audit Access Security policy, perform the following steps:
在 "管理工具" 文件夹中打开 " 本地安全设置 Microsoft 管理控制台 (mmc) 管理单元。Open the Local Security Settings Microsoft Management Console (MMC) snap-in, located in the Administrative Tools folder.
展开 "本地策略" 文件夹,然后单击 "审核策略" 文件夹。Expand the Local Policies folder and left-click the Audit Policy folder.
在 MMC 管理单元的右窗格中双击 " 审核对象访问 " 项,或右键单击并选择 "属性" 以显示 " 审核对象访问属性 " 对话框。Double-click the Audit object access entry on the right pane of the MMC snap-in, or right-click and choose Properties to display the Audit object access properties dialog box.
选中 " 成功 " 或 " 失败 " 复选框以记录成功或失败。Select the Success or Failure check boxes to log successes or failures.
请注意,用户帐户的审核规则需要对同一用户帐户具有相应的访问规则。Note that an audit rule for a user account requires a corresponding access rule for the same user account.
使用 FileSystemAuditRule 类创建新的审核规则。Use the FileSystemAuditRule class to create a new audit rule. 您可以使用或类保存此 FileSecurity 规则 DirectorySecurity 。You can persist this rule using the FileSecurity or DirectorySecurity class.
构造函数
| FileSystemAuditRule(IdentityReference, FileSystemRights, AuditFlags) |
使用以下内容初始化 FileSystemAuditRule 类的新实例:对用户帐户的引用、指定与审核规则关联的操作的类型的值,以及指定何时执行审核的值。Initializes a new instance of the FileSystemAuditRule class using a reference to a user account, a value that specifies the type of operation associated with the audit rule, and a value that specifies when to perform auditing. |
| FileSystemAuditRule(IdentityReference, FileSystemRights, InheritanceFlags, PropagationFlags, AuditFlags) |
使用以下内容初始化 FileSystemAuditRule 类的新实例:对用户帐户的引用的名称、指定与审核规则关联的操作的类型的值、确定如何继承权限的值、确定如何传播权限的值,以及指定何时执行审核的值。Initializes a new instance of the FileSystemAuditRule class using the name of a reference to a user account, a value that specifies the type of operation associated with the audit rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies when to perform auditing. |
| FileSystemAuditRule(String, FileSystemRights, AuditFlags) |
使用以下内容初始化 FileSystemAuditRule 类的新实例:用户帐户名称、指定与审核规则关联的操作的类型的值,以及指定何时执行审核的值。Initializes a new instance of the FileSystemAuditRule class using a user account name, a value that specifies the type of operation associated with the audit rule, and a value that specifies when to perform auditing. |
| FileSystemAuditRule(String, FileSystemRights, InheritanceFlags, PropagationFlags, AuditFlags) |
使用以下内容初始化 FileSystemAuditRule 类的新实例:用户帐户的名称、指定与审核规则关联的操作的类型的值、确定如何继承权限的值、确定如何传播权限的值,以及指定何时执行审核的值。Initializes a new instance of the FileSystemAuditRule class using the name of a user account, a value that specifies the type of operation associated with the audit rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies when to perform auditing. |
属性
| AccessMask |
获取此规则的访问掩码。Gets the access mask for this rule. (继承自 AuthorizationRule) |
| AuditFlags |
获取此审核规则的审核标志。Gets the audit flags for this audit rule. (继承自 AuditRule) |
| FileSystemRights |
获取与当前 FileSystemRights 对象关联的 FileSystemAuditRule 标志。Gets the FileSystemRights flags associated with the current FileSystemAuditRule object. |
| IdentityReference |
获取对其应用此规则的 IdentityReference。Gets the IdentityReference to which this rule applies. (继承自 AuthorizationRule) |
| InheritanceFlags |
获取用于确定子对象如何继承此规则的标志的值。Gets the value of flags that determine how this rule is inherited by child objects. (继承自 AuthorizationRule) |
| IsInherited |
获取一个值,该值指示此规则是否为显式设置或继承自父级容器对象。Gets a value indicating whether this rule is explicitly set or is inherited from a parent container object. (继承自 AuthorizationRule) |
| PropagationFlags |
获取传播标志的值,该值确定如何将此规则的继承传播到子对象。Gets the value of the propagation flags, which determine how inheritance of this rule is propagated to child objects. 仅当 InheritanceFlags 枚举的值不为 None 时,此属性才有意义。This property is significant only when the value of the InheritanceFlags enumeration is not None. (继承自 AuthorizationRule) |
方法
| Equals(Object) |
确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object. (继承自 Object) |
| GetHashCode() |
作为默认哈希函数。Serves as the default hash function. (继承自 Object) |
| GetType() |
获取当前实例的 Type。Gets the Type of the current instance. (继承自 Object) |
| MemberwiseClone() |
创建当前 Object 的浅表副本。Creates a shallow copy of the current Object. (继承自 Object) |
| ToString() |
返回表示当前对象的字符串。Returns a string that represents the current object. (继承自 Object) |