1

したがって、基本的に、NTFSに対して次のような出力を生成する以下のスクリプトがあります。

Folder Path   IdentityReference    AccessControlType     IsInherited        InheritanceFlags    PropagationFlags
E:\Folder\    DOMAIN\User1         Allow                 True/False         ContainerInherit     Object Inherit
E:\Folder\    DOMAIN\User2         Deny                  True/False         ContainerInherit     Object Inherit

これは便利ですが、フラグAllow/Denyを示す出力を取得できるのではなく、さらに良いでしょう。Read/Write/Modify/FullControl

私の以下のコードを参照してください、どんなアイデアでも大歓迎です!

$OutFile = "C:\Permissions.csv"
$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags"
Del $OutFile
Add-Content -Value $Header -Path $OutFile 

$RootPath = "E:\Folder"

$Folders = dir $RootPath -recurse | where {$_.psiscontainer -eq $true}

foreach ($Folder in $Folders){
    $ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access  }
    Foreach ($ACL in $ACLs){
    $OutInfo = $Folder.Fullname + "," + $ACL.IdentityReference  + "," + $ACL.AccessControlType + "," + $ACL.IsInherited + "," + $ACL.InheritanceFlags + "," + $ACL.PropagationFlags
    Add-Content -Value $OutInfo -Path $OutFile
    }}
4

2 に答える 2

2

お探しの物件はです$ACL.FileSystemRights

$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited," +
          "InheritanceFlags,PropagationFlags,FileSystemRights"

#...

$OutInfo = $Folder.Fullname + "," + $ACL.IdentityReference  + "," +
           $ACL.AccessControlType + "," + $ACL.IsInherited + "," +
           $ACL.InheritanceFlags + "," + $ACL.PropagationFlags + "," +
           $ACL.FileSystemRights
于 2013-03-13T20:30:28.827 に答える
2

関数でラップしたい人はこれを試してください:

Function Get-FolderPermissions {
 Param($FolderPath)

If(-not (Test-Path $FolderPath)){

    Write-Warning "$FolderPath not valid!"
    return

}

$FolderPath = $(Get-Item $FolderPath).fullname

$ACLs = Get-Acl $FolderPath | ForEach-Object { $_.Access  }

$ACLs | Select-Object @{n='FolderPath';e={$FolderPath}}, IdentityReference, AccessControlType, IsInherited, InheritanceFlags, PropagationFlags, FileSystemRights


}

次に、次のようにCSVにエクスポートできます。

Get-FolderPermissions 'C:\Folder' | Export-Csv 'C:\Results.csv' -NoTypeInfo

または、親フォルダーの複数のフォルダー:

$Folders = Get-ChildItem 'C:\Folder' -recurse | where {$_.psiscontainer -eq $true}
$Folders | %{ Get-FolderPermissions $_.FullName } | Export-Csv 'C:\Results.csv' -NoTypeInfo
于 2014-06-23T13:37:19.663 に答える