我正在尝试获取驱动器的每个文件夹后面的组权限以及组中每个成员的用户名,然后将其导出到CSV文件。
问题是该组在组之前具有目录名称,例如gescogroup/GR_blablabla
,因此我使用Gescogroup\
删除(Remove(0,12))
。
如您所见,我首先让用户选择他们想要分析的驱动器的文件夹,然后代码通过驱动器内的文件夹以及它获取组的每个文件夹,然后使用组的名称(删除) <创建所有者,“管理员”,“建立”等)我应该得到成员。
我的代码不起作用,但我没有错误。你能帮助我吗?
cls
$result = [System.Windows.MessageBox]::Show("Select the path of the drive.`n"+"Once the Drive is selected, a excel file will be made with all the informations`n"+"of the selected Harddrive's directory premissions")
if ($result = "OK")
{
Add-Type -AssemblyName System.Windows.Forms
$FolderBrowser = New-Object System.Windows.Forms.FolderBrowserDialog
[void]$FolderBrowser.ShowDialog()
$Selection = $FolderBrowser.SelectedPath
}
$result2 = [System.Windows.MessageBox]::Show("Pleas select where to save your file")
if ($result2 = "OK")
{
Add-Type -AssemblyName System.Windows.Forms
$FolderBrowser2 = New-Object System.Windows.Forms.FolderBrowserDialog
[void]$FolderBrowser2.ShowDialog()
$FolderBrowser2.Description = "Select where to save your file"
$Selection2 = $FolderBrowser2.SelectedPath
}
$title = "ADPermissions.csv"
$title2 = "ADPermissions2.csv"
$ss =$Selection1 -replace '[\W]', ''
$subtitle = "HardDrive"+ $ss
$OutFile = ($Selection2+"\"+$subtitle+$title)
Write-Host = $OutFile
Remove-Item $OutFile
$Header = "Folder Path,IdentityReference,names"
$RootPath = $Selection
$Folders = dir $RootPath | where {$_.psiscontainer -eq $true}
try {
foreach ($Folder in $Folders){$ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access }
Foreach ($ACL in $ACLs){
if($ACL.IdentityReference -notlike "Administrators" -and $ACL.IdentityReference -notlike "Creator Owner"-and $ACL.IdentityReference -notlike "BUILTIN\Administrators" -and $ACL.IdentityReference -notlike "NT AUTHORITY\SYSTEM" -and $ACL.IdentityReference -notlike "System")
{
$strAcl = $ACL.IdentityReference
$strAcls = $ACL.IdentityReference.ToString()
$strUsers=@()
$strNames=$strAcls.Remove(0,12)
$A = Get-ADGroupMember -identity $strNames -Recursive | Get-ADUser -Property DisplayName | Select Name | Sort-Object Name
foreach($strNames in $A)
{
$strUsers+=$A
}
}
}
}
$OutInfo = $Folder.fullname + "," + $trAcl+$strUsers
Add-Content -Value $OutInfo -Path $OutFile | sort-Object -Unique
}catch [System.IO.IOException] {
}
答案 0 :(得分:0)
这是解决方案:
try {
foreach ($Folder in $Folders){$ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access }
Foreach ($ACL in $ACLs){
if($ACL.IdentityReference -notlike "Administrators" -and $ACL.IdentityReference -notlike "Creator Owner"-and $ACL.IdentityReference -notlike "BUILTIN\Administrators" -and $ACL.IdentityReference -notlike "NT AUTHORITY\SYSTEM" -and $ACL.IdentityReference -notlike "System")
{
$strAcls = $ACL.IdentityReference.ToString()
$strUsers=@()
$strNames=$strAcls.Remove(0,12)
$A = Get-ADGroupMember -identity $strNames -Recursive | Get-ADUser -Property DisplayName | Select Name | Sort-Object Name
foreach ($env:USERNAME in $A){
$strUsers +=$env:USERNAME
}
$OutInfo = $Folder.fullname + "," + $ACL.IdentityReference + $strUsers
}
}
}
}catch [System.IO.IOException] {
}
}