小贝子编程

获取个人文件夹权限Powershell



我被要求写一个脚本,它将接受一个目标,然后输出具有各自权限的文件夹和子文件夹。

我已经得到了我认为是一个工作脚本,但已被告知,他们想要实际的权限类型。这真的可以用Get-ACL来完成吗?有人能给我指出正确的方向吗?我不知道从哪里开始,也没有太多使用Powershell的经验。

Add-Type -AssemblyName System.Windows.Forms
$info = ""
$OutputString = ""
$step = 0
$File = "C:GowerFolderPermissions.txt"
function DisplayForm{
$OutputString = ""
#Some GUI Code here taken out for readability
if ($result -eq [System.Windows.Forms.DialogResult]::OK)
{
    $baseFolder = $textBox.Text
    $folderTest = Test-Path $baseFolder
    if($folderTest -eq "True"){
        "$baseFolder `r`n" | Out-File $File -Append
        Extract-Permissions($baseFolder)
        "`r`n`r`n" | Out-File $File -Append
        #OutputList
        $info = "SAVED TO $File"
        "Process complete `r`nFile Located at: $file"
        DisplayForm
    }else{
        $info = "$baseFolder not found"
        DisplayForm
    }
}
}
function outputList{
    $OutputString
}

function Extract-Permissions($baseFolder) {
    $folders = Get-ChildItem $baseFolder | Where-Object { $_.PSisContainer }
    $baseACL = (Get-Acl $baseFolder).Access | Select-Object -ExpandProperty IdentityReference 
"$baseFolder : $baseACL" | Out-File $File -Append
if($folders.Count -ne 0){
    foreach($folder in $folders) {
        $folderACL = (Get-Acl $folder.FullName).Access | Select-Object -ExpandProperty IdentityReference
        $childFolders = Get-ChildItem $folder.FullName | Where-Object { $_.PSisContainer }
        "$($folder.FullName) : $folderACL" | Out-File $File -Append
        if($childFolders.Count -gt 0){
            foreach($childFolder in $childFolders) {
                $childACL = (Get-Acl $childFolder.FullName).Access | Select-Object -ExpandProperty IdentityReference
                if(Compare-Object $childACL $folderACL) {
                    Extract-Permissions $childFolder.FullName
                } else {
                    "$($childFolder.FullName) : $childACL" | Out-File $File -Append
                }
            }
        }
    }
}
}
DisplayForm

下面的代码将会给我一个看起来像这样的列表:

C:temp : BUILTINAdministrators BUILTINAdministrators NT AUTHORITYSYSTEM NT AUTHORITYSYSTEM BUILTINUsers NT AUTHORITYAuthenticated Users NT AUTHORITYAuthenticated Users
C:tempdu : BUILTINAdministrators BUILTINAdministrators NT AUTHORITYSYSTEM NT AUTHORITYSYSTEM BUILTINUsers NT AUTHORITYAuthenticated Users NT AUTHORITYAuthenticated Users
C:tempGower : BUILTINAdministrators BUILTINAdministrators NT AUTHORITYSYSTEM NT AUTHORITYSYSTEM BUILTINUsers NT AUTHORITYAuthenticated Users NT AUTHORITYAuthenticated Users
C:temppenout : BUILTINAdministrators BUILTINAdministrators NT AUTHORITYSYSTEM NT AUTHORITYSYSTEM BUILTINUsers NT AUTHORITYAuthenticated Users NT AUTHORITYAuthenticated Users
C:tempProjects : NT AUTHORITYSYSTEM DOMAINDomain Users DOMAINTestAdmin
C:tempProjectsA000 - Test0 : DOMAINDomain Users NT AUTHORITYSYSTEM DOMAINTestAdmin
C:tempProjectsA122 - Test12 : DOMAINDomain Users NT AUTHORITYSYSTEM DOMAINTestAdmin
C:tempProjectsA212 - TestA13 : DOMAINDomain Users NT AUTHORITYSYSTEM DOMAINTestAdmin
C:tempProjectsTemplate : DOMAINsam DOMAINDomain Users NT AUTHORITYSYSTEM DOMAINTestAdmin

您可以从对象(Get-Acl $baseFolder).Access中获得读、写和执行类型,它们被列为FileSystemRights。下面的函数将提取FileSystemRights数据并将其添加到权限名称旁边。BUILTINAdministrators-FullAccess

function Extract-Permissions($baseFolder) {
    $baseACLAccess = (Get-Acl $baseFolder).Access
    $folders = Get-ChildItem $baseFolder | Where-Object { $_.PSisContainer }
    $baseACL = $baseACLAccess | Select-Object -ExpandProperty IdentityReference 
    # Sort out output
    $BaseOutperms = ""
    $baseACLAccess | Foreach {$BaseOutperms += " "+$_.IdentityReference+"-"+$_.FileSystemRights }
    "$baseFolder : $BaseOutperms" | Out-File $File -Append
    if($folders.Count -ne 0){
        foreach($folder in $folders) {
            $ACLAccess = (Get-ACL $folder.FullName).Access
            $folderACL = $ACLAccess | Select-Object -ExpandProperty IdentityReference
            $childFolders = Get-ChildItem $folder.FullName | Where-Object { $_.PSisContainer }
            # Sort out output 
            $outperms = ""
            $ACLAccess | Foreach {$outperms += " "+$_.IdentityReference+"-"+$_.FileSystemRights }
            "$($folder.FullName) : $outperms" | Out-File $File -Append
            if($childFolders.Count -gt 0){
                foreach($childFolder in $childFolders) {
                    $childACLAccess = (Get-Acl $childFolder.FullName).Access
                    $childACL = $childACLAccess | Select-Object -ExpandProperty IdentityReference
                    if(Compare-Object $childACL $folderACL) {
                        Extract-Permissions $childFolder.FullName
                    } else {
                        # Sort out output 
                        $ChildOutperms = ""
                        $childACLAccess | Foreach {$ChildOutperms += " "+$_.IdentityReference+"-"+$_.FileSystemRights }
                        "$($childFolder.FullName) : $ChildOutperms" | Out-File $File -Append
                    }
                }
            }
        }
    }
}

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium