FileSystemAuditRule 類別

定義

表示存取控制項目 (ACE) 的抽象,其定義檔案或目錄的稽核規則。Represents an abstraction of an access control entry (ACE) that defines an audit rule for a file or directory. 這個類別無法被繼承。This class cannot be inherited.

public ref class FileSystemAuditRule sealed : System::Security::AccessControl::AuditRule
[System.Security.SecurityCritical]
public sealed class FileSystemAuditRule : System.Security.AccessControl.AuditRule
type FileSystemAuditRule = class
    inherit AuditRule
Public NotInheritable Class FileSystemAuditRule
Inherits AuditRule
繼承
FileSystemAuditRule
屬性

範例

下列程式碼範例會使用FileSystemAuditRule類別來新增和移除檔案中的 audit 規則。The following code example uses the FileSystemAuditRule class to add and then remove an audit rule from a file. 您必須提供有效的使用者或群組帳戶,才能執行這個範例。You must supply a valid user or group account to run this example.

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try 
            {
                string FileName = "test.xml";

                Console.WriteLine("Adding access control entry for " + FileName);

                // Add the access control entry to the file.
                AddFileAuditRule(FileName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure);

                Console.WriteLine("Removing access control entry from " + FileName);

                // Remove the access control entry from the file.
                RemoveFileAuditRule(FileName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure);

                Console.WriteLine("Done.");
            }
            catch (IOException e)
            {
                Console.WriteLine("Unable to open the file: " + e.Message);
            }
            catch (PrivilegeNotHeldException e)
            {
                Console.WriteLine("The current account does not have the correct privileges: " + e.Message);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileAuditRule(string FileName, string Account, FileSystemRights Rights, AuditFlags AuditRule)
        {


            // Get a FileSecurity object that represents the 
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(FileName);

            // Add the FileSystemAuditRule to the security settings. 
            fSecurity.AddAuditRule(new FileSystemAuditRule(Account,
                                                            Rights,
                                                            AuditRule));

            // Set the new access settings.
            File.SetAccessControl(FileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileAuditRule(string FileName, string Account, FileSystemRights Rights, AuditFlags AuditRule)
        {

            // Get a FileSecurity object that represents the 
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(FileName);

            // Add the FileSystemAuditRule to the security settings. 
            fSecurity.RemoveAuditRule(new FileSystemAuditRule(Account,
                                                            Rights,
                                                            AuditRule));

            // Set the new access settings.
            File.SetAccessControl(FileName, fSecurity);

        }
    }
}
Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim FileName As String = "test.xml"

            Console.WriteLine("Adding access control entry for " + FileName)

            ' Add the access control entry to the file.
            AddFileAuditRule(FileName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure)

            Console.WriteLine("Removing access control entry from " + FileName)

            ' Remove the access control entry from the file.
            RemoveFileAuditRule(FileName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AuditFlags.Failure)

            Console.WriteLine("Done.")
        Catch e As IOException
            Console.WriteLine("Unable to open the file: " & e.Message)
        Catch e As PrivilegeNotHeldException
            Console.WriteLine("The current account does not have the correct privileges: " & e.Message)
        End Try

        Console.ReadLine()

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileAuditRule(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal AuditRule As AuditFlags)


        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(FileName)

        ' Add the FileSystemAuditRule to the security settings. 
        fSecurity.AddAuditRule(New FileSystemAuditRule(Account, Rights, AuditRule))

        ' Set the new access settings.
        File.SetAccessControl(FileName, fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileAuditRule(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal AuditRule As AuditFlags)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(FileName)

        ' Add the FileSystemAuditRule to the security settings. 
        fSecurity.RemoveAuditRule(New FileSystemAuditRule(Account, Rights, AuditRule))

        ' Set the new access settings.
        File.SetAccessControl(FileName, fSecurity)

    End Sub
End Module

備註

FileSystemAuditRule類別代表基礎存取控制專案 (ACE) 的抽象概念, 指定使用者帳戶、提供的存取類型 (讀取、寫入等等), 以及是否要執行審核。The FileSystemAuditRule class represents an abstraction of an underlying access control entry (ACE) that specifies a user account, the type of access to provide (read, write, and so on), and whether to perform auditing. 這個類別也可以指定如何繼承和傳播 audit 規則至物件。This class can also specify how audit rules are inherited from and propagated to objects.

若要在 Windows NT 或更新版本上允許檔案和目錄的審核, 您必須在您的電腦上啟用「審核存取」安全性原則。To permit file and directory auditing on Windows NT or later, you must enable Audit Access Security policy on your machine. 根據預設, 此原則設定為 [無審核]。By default, this policy is set to No Auditing.

若要啟用「審核存取」安全性原則, 請執行下列步驟:To enable the Audit Access Security policy, perform the following steps:

  1. 開啟 [本機安全性設定] Microsoft Management CONSOLE (MMC) 嵌入式管理單元 (位於 [系統管理工具] 資料夾中)。Open the Local Security Settings Microsoft Management Console (MMC) snap-in, located in the Administrative Tools folder.

  2. 展開 [本機原則] 資料夾, 然後以滑鼠左鍵按一下 [稽核原則] 資料夾。Expand the Local Policies folder and left-click the Audit Policy folder.

  3. 在 MMC 嵌入式管理單元的右窗格中, 按兩下 [ audit 物件存取] 專案, 或按一下滑鼠右鍵, 然後選擇 [內容] 以顯示 [ audit 物件存取屬性] 對話方塊。Double-click the Audit object access entry on the right pane of the MMC snap-in, or right-click and choose Properties to display the Audit object access properties dialog box.

  4. 選取 [成功] 或 [失敗] 核取方塊, 以記錄成功或失敗。Select the Success or Failure check boxes to log successes or failures.

請注意, 使用者帳戶的審核規則需要相同使用者帳戶的對應存取規則。Note that an audit rule for a user account requires a corresponding access rule for the same user account.

FileSystemAuditRule使用類別建立新的審核規則。Use the FileSystemAuditRule class to create a new audit rule. 您可以使用FileSecurityDirectorySecurity類別保存此規則。You can persist this rule using the FileSecurity or DirectorySecurity class.

建構函式

FileSystemAuditRule(IdentityReference, FileSystemRights, AuditFlags)

利用使用者帳戶的參考、指定與稽核規則關聯之作業類型的值以及指定何時執行稽核的值,來初始化 FileSystemAuditRule 類別的新執行個體。Initializes a new instance of the FileSystemAuditRule class using a reference to a user account, a value that specifies the type of operation associated with the audit rule, and a value that specifies when to perform auditing.

FileSystemAuditRule(IdentityReference, FileSystemRights, InheritanceFlags, PropagationFlags, AuditFlags)

利用使用者帳戶的參考名稱、指定與稽核規則關聯之作業類型的值、決定如何繼承權限的值、決定如何散佈權限的值以及指定何時執行稽核的值,來初始化 FileSystemAuditRule 類別的新執行個體。Initializes a new instance of the FileSystemAuditRule class using the name of a reference to a user account, a value that specifies the type of operation associated with the audit rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies when to perform auditing.

FileSystemAuditRule(String, FileSystemRights, AuditFlags)

利用使用者帳戶名稱、指定與稽核規則關聯之作業類型的值以及指定何時執行稽核的值,來初始化 FileSystemAuditRule 類別的新執行個體。Initializes a new instance of the FileSystemAuditRule class using a user account name, a value that specifies the type of operation associated with the audit rule, and a value that specifies when to perform auditing.

FileSystemAuditRule(String, FileSystemRights, InheritanceFlags, PropagationFlags, AuditFlags)

利用使用者帳戶名稱、指定與稽核規則關聯之作業類型的值、決定如何繼承權限的值、決定如何散佈權限的值,以及指定何時執行稽核的值,來初始化 FileSystemAuditRule 類別的新執行個體。Initializes a new instance of the FileSystemAuditRule class using the name of a user account, a value that specifies the type of operation associated with the audit rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies when to perform auditing.

屬性

AccessMask

取得此規則的存取遮罩。Gets the access mask for this rule.

(繼承來源 AuthorizationRule)
AuditFlags

取得這個稽核規則的稽核旗標。Gets the audit flags for this audit rule.

(繼承來源 AuditRule)
FileSystemRights

取得與目前 FileSystemRights 物件關聯的 FileSystemAuditRule 旗標。Gets the FileSystemRights flags associated with the current FileSystemAuditRule object.

IdentityReference

取得要套用此規則的 IdentityReferenceGets the IdentityReference to which this rule applies.

(繼承來源 AuthorizationRule)
InheritanceFlags

取得旗標值,這個值會決定子物件繼承這項規則的方式。Gets the value of flags that determine how this rule is inherited by child objects.

(繼承來源 AuthorizationRule)
IsInherited

取得值,表示這個規則是否會明確地設定或繼承自父容器物件。Gets a value indicating whether this rule is explicitly set or is inherited from a parent container object.

(繼承來源 AuthorizationRule)
PropagationFlags

取得傳播旗標的值,該值判斷這個規則的繼承如何傳播到子物件。Gets the value of the propagation flags, which determine how inheritance of this rule is propagated to child objects. 只有當 InheritanceFlags 列舉的值不是 None,這個屬性才是重要的。This property is significant only when the value of the InheritanceFlags enumeration is not None.

(繼承來源 AuthorizationRule)

方法

Equals(Object)

判斷指定的物件是否等於目前的物件。Determines whether the specified object is equal to the current object.

(繼承來源 Object)
GetHashCode()

作為預設雜湊函數。Serves as the default hash function.

(繼承來源 Object)
GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(繼承來源 Object)
MemberwiseClone()

建立目前 Object 的淺層複製。Creates a shallow copy of the current Object.

(繼承來源 Object)
ToString()

傳回代表目前物件的字串。Returns a string that represents the current object.

(繼承來源 Object)

適用於