具有修改日期的NTFS权限

时间:2015-10-27 21:02:54

标签: powershell acl

我想将服务器上的文件夹和子文件夹的NTFS权限导出为CSV。 它应该向用户和组显示文件夹的权限和上次修改日期。

这是我到目前为止所获得的内容,但它没有显示修改日期,并且它导出了无组织。

Get-ChildItem C:\FILES\ -Recurse | where {$_.PSIsContainer} |
  Get-Acl | % {
    $path = $_.Path
    $_.Access | % {
      New-Object PSObject -Property @{
        Folder      = $path.Replace("Microsoft.PowerShell.Core\FileSystem::", "")
        Access      = $_.FileSystemRights
        Control     = $_.AccessControlType
        User        = $_.IdentityReference
        Inheritance = $_.IsInherited
      }
    }
  } | ? {$_.Inheritance} | Export-Csv C:\Users\test_dump.csv -Force

2 个答案:

答案 0 :(得分:0)

这是一个使用复杂的oneliner伤害你的情况。实际的脚本更具可读性。

# set path to search
$SearchPath = 'C:\FILES'

# file for results
$ExportFile = 'C:\temp\testdump.csv'

# get list of folders
# if you're using PS v2 use | where{$_.psIsContainer} instead of -Directory to filter for directories
$FolderList = Get-ChildItem $SearchPath -Directory -Recurse

# get list of subfolders
foreach ($Folder in $FolderList) {
    $FolderACL = Get-Acl $Folder.FullName 

    # get list of access objects for each folder
    foreach ($Access in $FolderACL.Access) {

        # Filter to only show explicit permissions
        # if ($Access.IsInherited) { Return }

        # custom object to hold the access object + path + lastwrite
        $export = New-Object -TypeName PSObject -Property @{
            Folder  = $FolderACL.Path.Replace("Microsoft.PowerShell.Core\FileSystem::","")
            Access  = $Access.FileSystemRights
            Control = $Access.AccessControlType
            User    = $Access.IdentityReference
            Inheritance = $Access.IsInherited
            LastModified = $Folder.LastWriteTime
        }
        $export | Export-CSV -Path $ExportFile -NoTypeInformation -Append

    }

}

在您的管道中,您有| ? {$_.Inheritance}。这只会显示您继承的权限。我怀疑你想要反其道而行之。如果是这种情况,请取消注释显式权限过滤器。

答案 1 :(得分:0)

ForEach-Object之前移动一个Get-Acl,并使用DirectoryInfo个对象获取路径和修改时间。我还会在创建对象之前过滤继承的权限(先创建对象然后将它们丢弃是浪费资源)。

$root = 'C:\files'
$csv  = 'C:\path\to\test_dump.csv'

Get-ChildItem $root -Recurse |
  Where-Object { $_.PSIsContainer } |
  ForEach-Object {
    $dir = $_
    Get-Acl $dir | Select-Object -Expand Access |
      Where-Object { $_.IsInherited } |
      ForEach-Object {
        New-Object PSObject -Property @{
          Folder       = $dir.FullName
          Access       = $_.FileSystemRights
          Control      = $_.AccessControlType
          User         = $_.IdentityReference
          Inheritance  = $_.IsInherited
          LastModified = $dir.LastWriteTime
        }
      }
  } | Export-Csv $csv -Force

如果您至少拥有PowerShell v3,则可以使用Get-ChildItem -Directory而不必过滤$_.PSIsContainer

相关问题
最新问题