我想设定适用于场下的文件夹审计选项编程。在MSDN，在code比如有使用FileSystemAuditRule类到一个新的审核规则添加到文件夹。没有什么明显的在这个类来设置特定审核规则需要施加什么

I am trying to set the "Applies To" field under folder auditing options programatically. In MSDN, the code example there uses the FileSystemAuditRule class to add a new audit rule to a folder. There is nothing obvious in this class to set what the particular audit rule needs to be applied to.

这是在code我用来设置一些权限：

This is the code I am using to set some permissions:

const string myFolder = @"S:\Temp\SomeFolderToAudit";

var account = new SecurityIdentifier(WellKnownSidType.WorldSid, null).Translate(typeof(NTAccount));

FileSecurity fSecurity = File.GetAccessControl(myFolder, AccessControlSections.Audit);

fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, AuditFlags.Success));

File.SetAccessControl(myFolder, fSecurity);

这创造很好的，除了以下突出显示的选项的审核规则：

This creates the audit rules nicely except for the highlighted option below:

我需要这是此文件夹，子文件夹和文件的，例如或其他非的仅此文件夹的。我不想遍历所有的目录和文件，并在其上​​设置相同的审核规则。我并不想尝试和管理继承或者，该规则将被保护的。我只是需要一个方法使用管理code（P /调用的欢迎，如果这是唯一的方法）pferably设置这个选项$​​ P $。

I need this to be "This folder, subfolders and files" for example or anything other than "This folder only". I don't want to traverse all directories and files and set the same auditing rules on them. I don't want to try and manage inheritance either, the rules will be protected from that. I simply need a way to set this option preferably using managed code (P/Invokes are welcome if this is the only way).

在此先感谢任何帮助。

推荐答案

在有点摆弄周围，我设法找出如何适用于字段设置。你需要创建审核规则对象时使用InheritanceFlags和PropagationFlags的组合。

After a bit of fiddling around I managed to find out how to set the "Applies to" field. You need to use a combination of InheritanceFlags and PropagationFlags when creating your audit rule object.

下面是例子code（基于问题的例子），显示你的标志的组合和他们的成果是适用于字段：

Here is the example code (based on the question example) that shows you the combinations of flags and what their outcomes are to the "Applies to" field:

// This folder only (default)
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.None, PropagationFlags.None, AuditFlags.Success));
// This folder and subfolders
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ContainerInherit, PropagationFlags.None, AuditFlags.Success));
// This folder and files
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ObjectInherit, PropagationFlags.None, AuditFlags.Success));
// This folder, subfolders and files
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AuditFlags.Success));
// Subfolders only
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ContainerInherit, PropagationFlags.InheritOnly, AuditFlags.Success));
// Files only
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AuditFlags.Success));
// Subfolders and files only
fSecurity.AddAuditRule(new FileSystemAuditRule(account, FileSystemRights.WriteData | FileSystemRights.Delete | FileSystemRights.ChangePermissions, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AuditFlags.Success));

此信息和更多的访问控制可以在找到由迈克尔·泰勒这个非常有用的页面。

This information and much more on access control can be found on this very useful page by Michael Taylor.