支持所有版本。
如果你需要在文件服务器上审计权限,这里有一个解决办法:
下面脚本递归查询WINDOWS目录,只需要替换路径就可以查询其它区域目录了:
$Path = 'C:\Windows'
Get-ChildItem -Path $Path -Recurse -Directory -ErrorAction SilentlyContinue |
ForEach-Object {
$result = $_ | Select-Object -Property FullName, ExplicitePermissions, Count, Preview
$result.ExplicitePermissions = (Get-Acl -Path $_.FullName -ErrorAction SilentlyContinue).Access |
Where-Object { $_.isInherited -eq $false }
$result.Count = $result.ExplicitePermissions.Count
$result.Preview = $result.ExplicitePermissions.IdentityReference -join ','
if ($result.ExplicitePermissions.Count -gt 0)
{
$result
}
} | Out-GridView
脚本将读取每个子目标的安全信息并找出其中非继承的,如果发现非继承的对象将被记录。
结果将已窗口形式输出,如果去掉Out-GridView,结果将直接从控制台输出。
PS> G:\
FullName ExplicitePermissions Count Preview
-------- -------------------- ----- -------
C:\windows\addins {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR...
C:\windows\AppPatch {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR...
C:\windows\Boot {System.Security.Access... 8 NT AUTHORITY\SYSTEM,NT ...
C:\windows\Branding {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR...
C:\windows\Cursors {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR...
C:\windows\de-DE {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR...
C:\windows\diagnostics {System.Security.Access... 8 NT AUTHORITY\SYSTEM,NT ...
C:\windows\Downloaded P... {System.Security.Access... 11 CREATOR OWNER,NT AUTHOR...
原文地址:Creating NTFS Security Report
本文链接: https://www.pstips.net/creating-ntfs-security-report.html
请尊重原作者和编辑的辛勤劳动,欢迎转载,并注明出处!
请尊重原作者和编辑的辛勤劳动,欢迎转载,并注明出处!