Powershell File sharing Permissions Report

Configurare noua (How To)

Situatie

De multe ori se cere să se verifice permisiunile de folder pentru un utilizator dintr-un anumit loc pe unul dintre serverele noastre. Am scris un script foarte simplu pentru a-mi aduce această informație.

Solutie

Acest lucru solicită utilizatorului: “Introduceți o cale UNC” care, o dată introdusă, merge și ia permisiile NTFS, precum și permisiunile SMB Share.

Powershell Code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Write-Host
$path Read-host “Enter a UNC Path: ”
$pathparts $path.split("")
$ComputerName $pathparts[2]
$ShareName $pathparts[3]
Write-Host "File Sharing Permissions Report - $path"
Write-Host
$acl Get-Acl $path
Write-Host "File/NTFS Permissions"
Write-Host
foreach($accessRule in $acl.Access)
{
Write-Host "   " $accessRule.IdentityReference $accessRule.FileSystemRights
}
Write-Host
Write-Host "Share/SMB Permissions"
Write-Host
$Share Get-WmiObject win32_LogicalShareSecuritySetting -Filter "name='$ShareName'" -ComputerName $ComputerName
if($Share){
$obj = @()
$ACLS $Share.GetSecurityDescriptor().Descriptor.DACL
foreach($ACL in $ACLS){
$User $ACL.Trustee.Name
if(!($user)){$user $ACL.Trustee.SID}
$Domain $ACL.Trustee.Domain
switch($ACL.AccessMask)
{
2032127 {$Perm "Full Control"}
1245631 {$Perm "Change"}
1179817 {$Perm "Read"}
}
Write-Host "   $Domain$user  $Perm"
}
}
Write-Host

Exemplu output:

.Get-Permissions-NTFS-SMB.ps1

Enter a UNC Path: : filesrvWorking Groups
File Sharing Permissions Report - filesrvWorking Groups

File/NTFS Permissions

    BUILTINAdministrators FullControl
    DOMAINDomain Admins FullControl
    DOMAINDomain Users ReadAndExecute, Synchronize
    DOMAINFolder - File Server Admins FullControl

Share/SMB Permissions

   DOMAINDomain Admins  Full Control
   DOMAINDomain Users  Full Control

Tip solutie

Permanent

Voteaza

(9 din 17 persoane apreciaza acest articol)

Despre Autor

Leave A Comment?