Hello all,
I am trying to audit a registry key with a logon script. I am tring to use the following code; however, I am getting errors with System.Security.AccessControl.RegistryAuditRule I am thinking the syntax for the user and permission is not correct, but I can't seem to find an example to work off of.
$acl = Get-Acl HKCU:\Software\Classes\CLSID
$rule = New-Object System.Security.AccessControl.RegistryAuditRule ("domain\user","success")
$acl.SetAccessRule($rule)
$acl |Set-Acl -Path HKCU:\Software\Classes\CLSID
Get-Acl HKCU:\Software\Classes\CLSID | fl *
If anyone has any ideas I am all ears.
Thanks,
Scott