支持所有版本。
如果你需要在文件服务器上审计权限,这里有一个解决办法:
下面脚本递归查询WINDOWS目录,只需要替换路径就可以查询其它区域目录了:
$Path = 'C:\Windows' Get-ChildItem -Path $Path -Recurse -Directory -ErrorAction SilentlyContinue | ForEach-Object { $result = $_ | Select-Object -Property FullName, ExplicitePermissions, Count, Preview $result.ExplicitePermissions = (Get-Acl -Path $_.FullName -ErrorAction SilentlyContinue).Access | Where-Object { $_.isInherited -eq $false } $result.Count = $result.ExplicitePermissions.Count $result.Preview = $result.ExplicitePermissions.IdentityReference -join ',' if ($result.ExplicitePermissions.Count -gt 0) { $result } } | Out-GridView
脚本将读取每个子目标的安全信息并找出其中非继承的,如果发现非继承的对象将被记录。
结果将已窗口形式输出,如果去掉Out-GridView,结果将直接从控制台输出。
PS> G:\ FullName ExplicitePermissions Count Preview -------- -------------------- ----- ------- C:\windows\addins {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR... C:\windows\AppPatch {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR... C:\windows\Boot {System.Security.Access... 8 NT AUTHORITY\SYSTEM,NT ... C:\windows\Branding {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR... C:\windows\Cursors {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR... C:\windows\de-DE {System.Security.Access... 9 CREATOR OWNER,NT AUTHOR... C:\windows\diagnostics {System.Security.Access... 8 NT AUTHORITY\SYSTEM,NT ... C:\windows\Downloaded P... {System.Security.Access... 11 CREATOR OWNER,NT AUTHOR...
原文地址:Creating NTFS Security Report
本文链接: https://www.pstips.net/creating-ntfs-security-report.html
请尊重原作者和编辑的辛勤劳动,欢迎转载,并注明出处!
请尊重原作者和编辑的辛勤劳动,欢迎转载,并注明出处!