configure audit policy

Auditpol

This command is new to Windows Server 2008 and Vista and is required for querying or configuring audit policy at the subcategory level. Before using this command to configure subcategories make sure you enable "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings".

This command is the only way you can configure audit policy at the subcategory level (Group Policy only allows you to configure audit policy at the category level). Furthermore auditpol does not accept a computer name for remotely configuring audit policy on another computer on the network; instead you must execute auditpol locally on each system.

To see the full syntax for this command run "auditpol /?" at the command line.

To get a listing of all categories and their subcategories, run:

auditpol /list /subcategory:*

To display the current audit policy for all subcategories run:

auditpol /get /category:*

Here's an example of enabling the File System subcategory for success and failure:

AUDITPOL /SET /SUBCATEGORY:"file system" /SUCCESS:ENABLE /FAILURE:ENABLE

SET ADMIN ONLY ACCESS PERMISSION ON A FILE

namespace PermissionTest

{

public class PermissionControl

{

List usernames = new List();

List adminusers = new List();

string file_path = "C:\\TEXT1.txt";

public PermissionControl()

{

try

{

GetALLUsersList();

Load_Admin_Users();

}

catch (Exception ex) {

MessageBox.Show(ex.ToString());

}

RemoveAccess(file_path);

}

// -- this function all the users of the system on the generic list --

private void GetALLUsersList()

{

DirectoryEntry directoryEntry = new DirectoryEntry("WinNT://" + Environment.MachineName);

foreach (DirectoryEntry child in directoryEntry.Children)

{

if (child.SchemaClassName == "User")

{

usernames.Add(child.Name);

}

}

}

// -- this function admin users of the system on the generic list --

private void Load_Admin_Users()

{

using (DirectoryEntry groupEntry = new DirectoryEntry("WinNT://./Administrators,group"))

{

foreach (object member in (IEnumerable)groupEntry.Invoke("Members"))

{

using (DirectoryEntry memberEntry = new DirectoryEntry(member))

{

adminusers.Add(memberEntry.Name);

//Console.WriteLine(memberEntry.Name);

}

}

}

//Console.ReadKey();

}

//--- this method is used to remove access of non admin users on a file --

private void RemoveAccess(string FilePath)

{

try

{

FileSecurity fs = File.GetAccessControl(FilePath);

foreach (string uname in usernames)

{

if (adminusers.Contains(uname) == false)

{

try

{

fs.AddAccessRule(new FileSystemAccessRule(System.Environment.UserDomainName + "\\" + uname, FileSystemRights.FullControl, AccessControlType.Deny));

File.SetAccessControl(FilePath, fs);

}

catch (System.Security.SecurityException se)

{

MessageBox.Show(se.ToString());

}

catch (Exception ex)

{

MessageBox.Show(ex.ToString());

}

}

}

}

catch (Exception ex)

{

MessageBox.Show(ex.ToString());

}

MessageBox.Show("Admin Permissions applied.", "Test");

// @System.Environment.UserDomainName\AccountName"

// "denied from FullControl access.");

}

}

static class Program

{

static string LogFile = Application.StartupPath + "\\LogFile.txt";

///

/// The main entry point for the application.

///

[STAThread]

static void Main()

{

//Application.EnableVisualStyles();

//Application.SetCompatibleTextRenderingDefault(false);

//Application.Run(new PermissionTest ());

// Execute the command synchronously.

// first of create a log file

if (!File.Exists(LogFile))

{

File.Create(LogFile);

}

PermissionControl p = new PermissionControl();

}

}

}

C# Indexers

C# introduces a new concept known as Indexerswhich are used for treating an object as an array. The indexers areusually known as smart arrays in C# community. Defining a C# indexer ismuch like defining properties. We can say that an indexer is a memberthat enables an object to be indexed in the same way as an array.

this [argument list]
{
get
{
// Get codes goes here
}
set
{
// Set codes goes here
}
}

Where the modifier can be private, public,protected or internal. The return type can be any valid C# types. The'this' is a special keyword in C# to indicate the object of the currentclass. The formal-argument-list specifies the parameters of theindexer. The formal parameter list of an indexer corresponds to that ofa method, except that at least one parameter must be specified, andthat the ref and out parameter modifiers are not permitted.Remember that indexers in C# must have at least one parameter. Otherwise the compiler will generate a compilation error.

The following program shows a C# indexer in action

// C#: INDEXER
// Author: rajeshvs@msn.com

using System;
using System.Collections;

class MyClass
{
private string []data = new string[5];
public string this [int index]
{
get
{
return data[index];
}
set
{
data[index] = value;
}
}
}

class MyClient
{
public static void Main()
{
MyClass mc = new MyClass();
mc[0] = "Rajesh";
mc[1] = "A3-126";
mc[2] = "Snehadara";
mc[3] = "Irla";
mc[4] = "Mumbai";
Console.WriteLine("{0},{1},{2},{3},{4}",mc[0],mc[1],mc[2],mc[3],mc[4]);
}
}

The indexers in C# can be overloaded just likemember functions. The formal parameter list of an indexer defines thesignature of the indexer. Specifically, the signature of an indexerconsists of the number and types of its formal parameters. The elementtype is not part of an indexer's signature, nor is the names of theformal parameters. The signature of an indexer must differ from thesignatures of all other indexers declared in the same class. C# do nothave the concept of static indexers. If we declare an indexer static,the compiler will show a compilation time error.

Indexers & Inheritance

Just like any other class members, indexerscan also participate in inheritance. A base class indexer is inheritedto the derived class.

//C#: Indexer : Inheritance
//Author: rajeshvs@msn.com
using System;
class Base
{
public int this[int indxer]
{
get
{
Console.Write("Base GET");
return 10;
}
set
{
Console.Write("Base SET");
}
}
}

class Derived : Base
{

}
class MyClient
{
public static void Main()
{
Derived d1 = new Derived();
d1[0] = 10;
Console.WriteLine(d1[0]);//Displays 'Base SET Base GET 10'
}
}

Indexers & Polymorphism

A Base class indexer can be polymorphicalyoverridden in a Derived class. But remember that the modifiers likevirtual, override etc are using at property level, not at accessorlevel.

//C#: Indexer : Polymorphism
//Author: rajeshvs@msn.com

using System;

class Base
{
public virtual int this[int index]
{
get
{
Console.Write("Base GET");
return 10;
}
set
{
Console.Write("Base SET");
}
}
}

class Derived : Base
{
public override int this[int index]
{
get
{
Console.Write("Derived GET");
return 10;
}
set
{
Console.Write("Derived SET");
}
}
}

class MyClient
{
public static void Main()
{
Base b1 = new Derived();
b1[0]= 10;
Console.WriteLine(b1[0]);//Displays 'Derived SET Derived GET 10'
}
}

Abstract Indexers

An indexer inside a class can be declared asabstract by using the keyword abstract. Remember that an abstractindexer in a class carries no code at all. The get/set accessors aresimply represented with a semicolon. In the derived class we mustimplement both set and get assessors.

If the abstract class contains only set accessor, we can implement only set in the derived class.

The following program shows an abstract indexer in action.

//C#: Indexer : Abstract
//Author: rajeshvs@msn.com

using System;

abstract class Abstract
{
public abstract int this[int index]
{
get;
set;
}
}

class Concrete : Abstract
{
public override int this[int index]
{
get
{
Console.Write(" GET");
return 10;
}
set
{
Console.Write(" SET");
}
}
}

class MyClient
{
public static void Main()
{
Concrete c1 = new Concrete();
c1[0] = 10;
Console.WriteLine(c1[0]);//Displays 'SET GET 10'
}
}



Indexers & Properties

1. An index is identified by it's signature. But a property is identified it's name.
2. An indexer is always an instance member, but a property can be static also.
3. An indexer is accessed through an element access. But a property is through a member access.