Permissions Issue with Files Generated by PerfMon

Solution 1:

Data Collector Sets can contain sensitive information about the computer, so access to them typically requires the user at least be a member of the Performance Log Users group. I don't believe you can make a DCS with automatically modified permissions (Everyone FullControl) like you're talking about.

How's this for a workaround:

Run this PS script as a Scheduled Task:

$Path = "C:\PerfLogs\Admin\New Data Collector Set"
$ACL  = (Get-Item $Path).GetAccessControl("Access")
$ACE  = New-Object System.Security.AccessControl.FileSystemAccessRule("Everyone", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")
$ACL.AddAccessRule($ACE)
ForEach($_ In Get-ChildItem $Path -Recurse)
{
    Set-Acl -ACLObject $ACL $_.FullName
}

I tested this on Windows 7 with PS 2.0 (same as 2008R2) and confirmed that it does place an "Everyone Full Control" ACE on every object recursively under the directory defined in the $Path variable.

edit: At first I thought to use the Task tab in the Properties page of the DCS, "Run this scheduled task when the data collector set stops," but that is not for Scheduled Tasks, but rather WMI tasks.

edit #2: Alright, this is getting pretty crazy, but you could create a new Scheduled Task, and its trigger will be to start "On an event." Then click Custom, and click "New Event Filter." Then manually edit the XML filter:

<QueryList>
  <Query Id="0" Path="Microsoft-Windows-TaskScheduler/Operational">
    <Select Path="Microsoft-Windows-TaskScheduler/Operational">
        *[System[TimeCreated[timediff(@SystemTime) &lt;= 3600000]]]
         and
        *[System[(EventID='102')]]
         and
        *[EventData[Data and (Data='YOUR DATA COLLECTOR SET NAME')]] 
    </Select>
  </Query>
</QueryList>

Now you will have created a scheduled task that will fire when your Data Collector Set finishes running, and it will modify the ACLs of the directory structure recursively to "Everyone Full Control."