The NTFSAccessControlEntry Resource will complete remove Audit Rules defined for a given path. Furthermore, there's also a bug that will not successfully set the defined permissions if the Local Service is the current owner. Both these bugs are addressed with the same code fix.
To Reproduce
Create a member server 2012 R2 configuration.
On a newly installed OS, modify the Application.evtx permissions.
When the Set-TargetResource runs, it will throw an error.
If audit rules are defined on any path where Set-TargetResource runs, those audit rules are completely removed.
Expected behavior
Apply a configuration without throwing an error or wiping any pre-defined audit rules for a given path.
Describe the bug
The NTFSAccessControlEntry Resource will complete remove Audit Rules defined for a given path. Furthermore, there's also a bug that will not successfully set the defined permissions if the Local Service is the current owner. Both these bugs are addressed with the same code fix.
To Reproduce
Expected behavior
Apply a configuration without throwing an error or wiping any pre-defined audit rules for a given path.
Screenshots