1. 首頁
  2. 問答
  3. NTFS審計使用PowerShell

NTFS審計使用PowerShell

2013-03-13 76 views
1

所以基本上我有以下腳本生成類似輸出遵循NTFS:NTFS審計使用PowerShell

Folder Path IdentityReference AccessControlType  IsInherited  InheritanceFlags PropagationFlags 
E:\Folder\ DOMAIN\User1   Allow     True/False   ContainerInherit  Object Inherit 
E:\Folder\ DOMAIN\User2   Deny     True/False   ContainerInherit  Object Inherit

雖然這是非常有用的,它甚至會更好,如果不是剛剛Allow/Deny我能得到一個輸出,表示,Read/Write/Modify/FullControl標誌。

看到我的下面的代碼,任何想法表示讚賞!

$OutFile = "C:\Permissions.csv" 
$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags" 
Del $OutFile 
Add-Content -Value $Header -Path $OutFile 

$RootPath = "E:\Folder" 

$Folders = dir $RootPath -recurse | where {$_.psiscontainer -eq $true} 

foreach ($Folder in $Folders){ 
    $ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access } 
    Foreach ($ACL in $ACLs){ 
    $OutInfo = $Folder.Fullname + "," + $ACL.IdentityReference + "," + $ACL.AccessControlType + "," + $ACL.IsInherited + "," + $ACL.InheritanceFlags + "," + $ACL.PropagationFlags 
    Add-Content -Value $OutInfo -Path $OutFile 
    }}

來源

2013-03-13 PnP

回答

2

您正在尋找的房產是$ACL.FileSystemRights

$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited," + 
      "InheritanceFlags,PropagationFlags,FileSystemRights" 

#... 

$OutInfo = $Folder.Fullname + "," + $ACL.IdentityReference + "," + 
      $ACL.AccessControlType + "," + $ACL.IsInherited + "," + 
      $ACL.InheritanceFlags + "," + $ACL.PropagationFlags + "," + 
      $ACL.FileSystemRights

來源

2013-03-13 20:30:28

2

對於那些誰想要它包裹在一個函數試試這個:

Function Get-FolderPermissions { 
Param($FolderPath) 

If(-not (Test-Path $FolderPath)){ 

    Write-Warning "$FolderPath not valid!" 
    return 

} 

$FolderPath = $(Get-Item $FolderPath).fullname 

$ACLs = Get-Acl $FolderPath | ForEach-Object { $_.Access } 

$ACLs | Select-Object @{n='FolderPath';e={$FolderPath}}, IdentityReference, AccessControlType, IsInherited, InheritanceFlags, PropagationFlags, FileSystemRights 


}

然後你可以導出爲CSV這樣的:從父文件夾

Get-FolderPermissions 'C:\Folder' | Export-Csv 'C:\Results.csv' -NoTypeInfo

或者多個文件夾:

$Folders = Get-ChildItem 'C:\Folder' -recurse | where {$_.psiscontainer -eq $true} 
$Folders | %{ Get-FolderPermissions $_.FullName } | Export-Csv 'C:\Results.csv' -NoTypeInfo

來源

2014-06-23 13:37:19 OneLogicalMyth

相關問題

 相關問題