所以基本上我有下面的脚本,它为 NTFS 生成如下输出:
Folder Path IdentityReference AccessControlType IsInherited InheritanceFlags PropagationFlags
E:\Folder\ DOMAIN\User1 Allow True/False ContainerInherit Object Inherit
E:\Folder\ DOMAIN\User2 Deny True/False ContainerInherit Object Inherit
Allow/Deny
虽然这很有用,但如果我能得到一个指示Read/Write/Modify/FullControl
标志的输出而不是我会更好。
请参阅我的以下代码,任何想法都值得赞赏!
$OutFile = "C:\Permissions.csv"
$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags"
Del $OutFile
Add-Content -Value $Header -Path $OutFile
$RootPath = "E:\Folder"
$Folders = dir $RootPath -recurse | where {$_.psiscontainer -eq $true}
foreach ($Folder in $Folders){
$ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access }
Foreach ($ACL in $ACLs){
$OutInfo = $Folder.Fullname + "," + $ACL.IdentityReference + "," + $ACL.AccessControlType + "," + $ACL.IsInherited + "," + $ACL.InheritanceFlags + "," + $ACL.PropagationFlags
Add-Content -Value $OutInfo -Path $OutFile
}}