我只是做了一个PowerShell脚本,列出了我所有服务器的所有共享文件夹,并获得了它们的所有NTFS权限。
大行:
Get-ADComputer -LDAPFilter "(&(objectcategory=computer)(OperatingSystem=*server*))" -Properties name |
Select-Object name -ExpandProperty name >> "$path\servers.txt"
foreach ($_ in Get-Content "$path\servers.txt") {
Get-WmiObject Win32_Share -Computer $_ |
Format-Table path -AutoSize |
Out-File "$path\Path\$_.txt"
}
foreach ($SharedFolder in $SharedFolders) {
$lecteur = [int][char]'A'
1..26 | ForEach-Object {
$LR = [char]$lecteur
$contenu = [System.IO.File]::ReadAllText("$lgpath\$SharedFolder.txt").Replace("${LR}:", "\\$SharedFolder\$LR$").Replace("path", "").Replace("----", "").Replace(" ", "").Replace("\ ", "\")
[System.IO.File]::WriteAllText("$lgpath\$SharedFolder.txt", $contenu)
$lecteur++
}
(Get-Content "$lgpath\$SharedFolder.txt" | Where-Object {
$_ -notmatch '^\s*$'
}) | Out-File "$lgpath\$SharedFolder.txt"
}
foreach ($SharedFolder in $SharedFolders) {
$droits = foreach ($ligne in Get-Content "$lgpath\$SharedFolder.txt") {
Get-NTFSAccess -Path "$ligne"
}
$droits |
select Fullname, Account, AccessRights, InheritanceEnabled |
Export-Csv "$Path\NTFS\NTFS_$SharedFolder.csv" -NoTypeInformation -Delimiter ";" -Encoding UTF8
}
这目前可以正常工作,但我想提供更多信息:最后一个在每个文件夹上编辑NTFS权限的帐户。