DEVHIDE
Login Or Sign up

Monitor Permission changes on Shared Folder using PowerShell

756 Views Asked by At

I am trying to write a script that would monitor changes on the shared folder's permission but not able to find anything. As per attached Image, if someone tries to add/remove any group or a user or change the permission here then I should be notified with user details and time. Any of your suggestions or references are welcome.

Shared folder which is used by others for accessing files

powershell automation acl servicenow fileserver
Original Q&A
1

There are 1 best solutions below

9
On

You're probably looking for a FilesystemWatcher, but you'll need to make these code changes to monitor altered Security:

# specify the file or folder properties you want to monitor:
$AttributeFilter = [System.IO.NotifyFilters]::Security 

# specify the type of changes you want to monitor:
$ChangeTypes = [System.IO.WatcherChangeTypes]::Changed

Note that this script must always be running to monitor for changes. It may not be possible to monitor remote shares.

EDIT: Here's a minimal example distilled from the link above that watches for changes to security or file content. As recommended, I started with the asynch version to capture all events, not just the first one:

try {
  $watcher = New-Object IO.FileSystemWatcher -Property @{
    Path = [Environment]::GetFolderPath('Desktop')
    Filter = '*'
    IncludeSubdirectories = $true
    NotifyFilter = @([IO.NotifyFilters]::Security, [IO.NotifyFilters]::LastWrite) #add any other notify filters to this array
    EnableRaisingEvents = $true
  }
  $handlers = .{#add any other events to listen for
    Register-ObjectEvent -InputObject $watcher -EventName 'Changed' -Action {Write-Host "`nChanged: $($event | ConvertTo-Json -Depth 5)"}
    Register-ObjectEvent -InputObject $watcher -EventName 'Deleted' -Action {Write-Host "`nDeleted: $($event | ConvertTo-Json -Depth 5)"}
  }
  Write-Warning "FileSystemWatcher is monitoring $($watcher.NotifyFilter) events for $($watcher.Path)"
  do{
    Wait-Event -Timeout 1
    Write-Host "." -NoNewline     # write a dot to indicate we are still monitoring:
  } while ($true)# the loop runs forever until you hit CTRL+C    
}finally{#release the watcher and free its memory
  $handlers | %{Unregister-Event -SourceIdentifier $_.Name }
  $handlers | Remove-Job
  $watcher.Dispose() 
  Write-Warning 'FileSystemWatcher removed.'
}

Related Questions in POWERSHELL

Related Questions in AUTOMATION

Related Questions in ACL

Related Questions in SERVICENOW

Related Questions in FILESERVER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.