Powershell:有没有办法枚举单个文件夹或文件的访问权限?
Powershell: Is there a way to enumerate access of a singular folder or file?
我 运行 一位用户提出了一个问题,要求披露谁有权访问特定文件夹。
我已经尝试过此脚本并获得了对文件夹的正确权限,但当前脚本包含所有子文件夹和文件并生成大量输出。
$path = "\fs1\" #define path to the shared folder
$reportpath ="C:\temp\ACL.csv" #define path to export permissions report
#script scans for directories under shared folder and gets acl(permissions) for all of them
dir -Recurse $path | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | Add-Member -MemberType NoteProperty '.\Application Data' -Value $path1 -passthru }} | Export-Csv $reportpath
我已经尝试 运行 对 AD 进行单一查询,但它没有显示正确的 ACL 条目。有没有办法只查询单数folder/file?像这样的查询将有助于以后的请求。
谢谢 Santiago Squarzon 的评论。我按照你的建议进行了重现,并找到了预期的输出。
PowerShell 命令
$path = "C:\Users\" #define path to the shared folder
$reportpath ="C:\temp\ACL.txt" #define path to export permissions report
#script scans for directories under shared folder and gets acl(permissions) for all of them
dir $path | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | Add-Member -MemberType NoteProperty '.\Application Data' -Value $path1 -passthru }} | Export-Csv $reportpath
输出-
我 运行 一位用户提出了一个问题,要求披露谁有权访问特定文件夹。
我已经尝试过此脚本并获得了对文件夹的正确权限,但当前脚本包含所有子文件夹和文件并生成大量输出。
$path = "\fs1\" #define path to the shared folder
$reportpath ="C:\temp\ACL.csv" #define path to export permissions report
#script scans for directories under shared folder and gets acl(permissions) for all of them
dir -Recurse $path | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | Add-Member -MemberType NoteProperty '.\Application Data' -Value $path1 -passthru }} | Export-Csv $reportpath
我已经尝试 运行 对 AD 进行单一查询,但它没有显示正确的 ACL 条目。有没有办法只查询单数folder/file?像这样的查询将有助于以后的请求。
谢谢 Santiago Squarzon 的评论。我按照你的建议进行了重现,并找到了预期的输出。
PowerShell 命令
$path = "C:\Users\" #define path to the shared folder
$reportpath ="C:\temp\ACL.txt" #define path to export permissions report
#script scans for directories under shared folder and gets acl(permissions) for all of them
dir $path | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | Add-Member -MemberType NoteProperty '.\Application Data' -Value $path1 -passthru }} | Export-Csv $reportpath
输出-