Skript, mis küsib ACL-i objekte AD-st - Powershell



Skripti kasutamiseks läheb vaja PowerGUI koos AD powerpack-iga. Skript ei käi läbi alamkatalooge ja faile.

#
# Lauri Liibert AK21 2011
# Powershell skript
#
#

# Folder picker: opens the shell's "browse for folder" dialog so a folder can be chosen with the mouse.
#   $message - text handed to the dialog (default 'Vali kaust')
#   $path    - passed through as the fourth BrowseForFolder argument (default 0)
# Emits the path of the chosen folder. Emits nothing when BrowseForFolder returns $null
# (presumably when the dialog is cancelled - callers should check for an empty result).
function Select-Folder($message='Vali kaust', $path = 0) {
   $shell = New-Object -comObject Shell.Application
   $picked = $shell.BrowseForFolder(0, $message, 0, $path)
   if ($picked -eq $null) {
     return
   }
   $picked.self.Path
}

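# Report location: tulemus.txt in the directory the script is started from.
# NOTE(review): the report lists ACL entries and group members, so keep it in a place
# that only the people doing the review can read.
$result = "\tulemus.txt" # name of the file the report is saved to
# Build the path from the location's string form: Get-Location returns a PathInfo object,
# and adding a string to that object with "+" is not a supported operation.
$file = Join-Path -Path (Get-Location).Path -ChildPath $result.TrimStart('\')
$dir = Select-Folder # ask which folder to inspect
# Select-Folder emits nothing when no folder was picked; stop here instead of
# running the ACL queries below against an empty path.
if (-not $dir) {
   throw "No folder selected"
}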

# Start a fresh report (no -Append here, so an earlier report file is overwritten)
# and write the banner of the first section.
"***", "Folder premissions", "***" | Out-File -FilePath $file

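# Read the ACL of every folder directly inside $dir (no recursion).
# Get-ChildItem also returns files, so keep containers only: the report is meant to cover folders.
$acl = Get-ChildItem $dir | Where-Object { $_.PSIsContainer } | Get-Acl
# Distinct identities named in those ACLs; the group-member section at the end iterates over this list.
# Identities that appear only in the ACL of $dir itself are not part of it.
$list = $acl | ForEach-Object {$_.Access} | ForEach-Object {$_.IdentityReference} | Sort-Object | Get-Unique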

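# Provider prefix that precedes the file-system path in an ACL object's Path property.
# Matched literally and only at the start of the string, so nothing else in a path can be cut out.
$rs = '^' + [regex]::Escape('Microsoft.PowerShell.Core\FileSystem::')

# Despite its name, this flag means "at least one folder has no inherited entries".
# It is reset on every run so a value left in the session by an earlier run cannot
# switch on the second section by mistake.
$isinherited = $false

# Section 1: folders that carry at least one inherited entry.
echo "---" >> $file
echo "Is Inherited: $dir"  >> $file
echo "---" >> $file
foreach ($item in $acl) {
	$path = $item.Path -replace $rs, ""
	$inherited = @($item.Access | Where-Object { $_.IsInherited })
	if ($inherited.Count -gt 0) {
		$path >> $file
		# A folder can inherit and still carry entries of its own. Those are the ones that
		# differ from the parent, so list them instead of leaving them out of the report.
		$explicit = @($item.Access | Where-Object { -not $_.IsInherited })
		if ($explicit.Count -gt 0) {
			"Explicit entries:" >> $file
			$explicit | Format-Table FileSystemRights, AccessControlType, IdentityReference -HideTableHeaders -AutoSize >> $file
		}
	} else {
		$isinherited = $true
	}
}

# ACL of the selected folder itself. AccessControlType is printed so that a Deny entry
# cannot be mistaken for an Allow entry with the same rights.
Get-Acl $dir | ForEach-Object {$_.Access} | Format-Table FileSystemRights, AccessControlType, IdentityReference -HideTableHeaders -AutoSize >> $file

# Section 2: folders without any inherited entry, each followed by its full ACL.
if ($isinherited){
	echo "---" >> $file
	echo "Isn't Inherited" >> $file
	echo "---" >> $file
	foreach ($item in $acl) {
		$inherited = @($item.Access | Where-Object { $_.IsInherited })
		if ($inherited.Count -eq 0) {
			($item.Path -replace $rs, "") >> $file
			$item | ForEach-Object {$_.Access} | Format-Table FileSystemRights, AccessControlType, IdentityReference -HideTableHeaders -AutoSize >> $file
		}
	}
}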

# Banner of the group membership section.
"***", "Group Users", "***" | Out-File -FilePath $file -Append

# For every identity found in the ACLs: look it up with Get-QADObject and, when its
# Type is "group", append the names of its members to the report.
# NOTE(review): as called here Get-QADGroupMember presumably returns direct members only,
# so access granted through nested groups would not show up - confirm.
# NOTE(review): identities the lookup cannot resolve are skipped without a line in the report.
foreach ($identity in $list) {
	$accountName = $identity.ToString()
	# Calculated column: member names listed under a header that is the group's own name.
	$nameColumn = @{Label=$accountName; Expression={$_.name}}
	$objectType = Get-QADObject $accountName | ForEach-Object {$_.Type} | Get-Unique
	if (-not ($objectType -eq "group")) {
		continue
	}
	Get-QADGroupMember $accountName -IncludedProperties name | Format-Table $nameColumn >> $file
}