
NTFS Change Journal - File Change Tracking


I'm developing change tracking software to monitor files of a specific volume. I tried FileSystemWatcher (.NET) and AlternateDataStreams but they all have some limitations (i.e. the change tracking software has to be on 24/7, alternate data streams do not work for ReadOnly files, etc.).

After some investigations I thought that I could directly read the NTFS change journal. This works great if the file is moved/renamed, etc. on the same volume. For identifying the file I'm using the File Reference Number.

But if the file is moved to another volume, the File Reference Number naturally changes.

My question: Is there a unique ID (GUID or something else) that doesn't change even if the file is moved to another volume?


Solution

  • Well...there can be a file GUID, but it's not there by default.

    If you have the necessary permissions, you can race through the files and assign a GUID which will be preserved across NTFS volume moves. Your stated goal is exactly why the feature exists. It uses a somewhat unwieldy API called DeviceIoControl...which is used for a gazillion purposes...but one of its control codes is FSCTL_CREATE_OR_GET_OBJECT_ID. Check here for details.

    It only creates the GUID if one hasn't already been assigned...which is just how you want it to work. Of course, if the file moves to a non-NTFS volume, you're still outta luck.
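
A C# P/Invoke sketch of the call described in the answer above; this is an added example, not code from the original post. The class name `NtfsObjectId` and method `CreateOrGet` are hypothetical, and it assumes a read-only handle is sufficient because the control code is defined with `FILE_ANY_ACCESS`.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using Microsoft.Win32.SafeHandles;

static class NtfsObjectId // hypothetical helper name
{
    // CTL_CODE(FILE_DEVICE_FILE_SYSTEM = 0x9, function 48, METHOD_BUFFERED, FILE_ANY_ACCESS)
    const uint FSCTL_CREATE_OR_GET_OBJECT_ID = 0x000900C0;
    // sizeof(FILE_OBJECTID_BUFFER): 16-byte ObjectId followed by 48 bytes of extended info
    const int ObjectIdBufferSize = 64;

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool DeviceIoControl(SafeFileHandle hDevice, uint dwIoControlCode,
        IntPtr lpInBuffer, uint nInBufferSize, [Out] byte[] lpOutBuffer,
        uint nOutBufferSize, out uint lpBytesReturned, IntPtr lpOverlapped);

    // Returns the file's existing object ID, or has NTFS create one if none is assigned.
    public static Guid CreateOrGet(string path)
    {
        // Assumption: FileAccess.Read is enough, so files with the ReadOnly attribute work too.
        using (var fs = new FileStream(path, FileMode.Open, FileAccess.Read,
                                       FileShare.ReadWrite | FileShare.Delete))
        {
            var output = new byte[ObjectIdBufferSize];
            if (!DeviceIoControl(fs.SafeFileHandle, FSCTL_CREATE_OR_GET_OBJECT_ID,
                    IntPtr.Zero, 0, output, (uint)output.Length,
                    out uint returned, IntPtr.Zero))
            {
                // Fails on volumes without object ID support (e.g. FAT) or on access denial.
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            if (returned < 16)
                throw new IOException("Short FILE_OBJECTID_BUFFER returned for " + path);

            var id = new byte[16];
            Array.Copy(output, id, 16); // ObjectId is the first field of the buffer
            return new Guid(id);
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: NtfsObjectId <file>"); return 2; }
        Console.WriteLine(CreateOrGet(args[0]));
        return 0;
    }
}
```

Calling it twice on the same file should print the same GUID, since the ID is only created when none exists.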