get-Acl命令查看远程服务器文件夹权限时,本地用户和组显示为SID


PowerShell交流中心分类: 文件和注册表get-Acl命令查看远程服务器文件夹权限时,本地用户和组显示为SID
0
funnyben asked 4年 ago

你好!
我这边想请问一下,当我用get-Acl这个命令去拿远程服务器上文件夹的权限的时候,如果文件夹权限里面有本地用户和组,则显示为SID, 有何办法可以解决,或者什么思路,谢谢!
PS C:\Users\Administrator> Get-Acl -Path \\file01\Shared |fl

Path : Microsoft.PowerShell.Core\FileSystem::\\file01\Shared
Owner : BUILTIN\Administrators
Group : G:S-1-5-21-2507041524-4033252695-3107390213-513
Access : BUILTIN\Administrators Allow FullControl
CONTOSO\CO_D_Shared_C Allow Modify, Synchronize
CONTOSO\CO_D_Shared_R Allow ReadAndExecute, Synchronize
S-1-5-21-2507041524-4033252695-3107390213-1002 Allow ReadAndExecute, Synchronize
S-1-5-21-2507041524-4033252695-3107390213-1003 Allow Modify, Synchronize
BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
CREATOR OWNER Allow 268435456
BUILTIN\Users Allow ReadAndExecute, Synchronize
BUILTIN\Users Allow AppendData
BUILTIN\Users Allow CreateFiles
Audit :
Sddl : O:BAG:S-1-5-21-2507041524-4033252695-3107390213-513D:AI(A;;FA;;;BA)(A;OICI;0x1301bf;;;S-1-5-21-2202709787-3434
925800-3233083121-1105)(A;OICI;0x1200a9;;;S-1-5-21-2202709787-3434925800-3233083121-1106)(A;OICI;0x1200a9;;;S-
1-5-21-2507041524-4033252695-3107390213-1002)(A;OICI;0x1301bf;;;S-1-5-21-2507041524-4033252695-3107390213-1003
)(A;OICIID;FA;;;BA)(A;OICIID;FA;;;SY)(A;OICIIOID;GA;;;CO)(A;OICIID;0x1200a9;;;BU)(A;CIID;LC;;;BU)(A;CIID;DC;;;
BU)

×用微信扫描并分享
2 Answers
0
Best Answer
Mooser Lee 管理员 answered 4年 ago
$localIdentityPrefix = @('BUILTIN','NT AUTHORITY','CREATOR OWNER')

$dirAcl = Get-Acl '\\pstips.net\share\'
$dirAcl.Access | foreach {
 $sName = $_.IdentityReference.value
 $prefix = $sName.Split('\')[0]
 if($localIdentityPrefix -contains $prefix){
 $NTAccount = New-Object System.Security.Principal.NTAccount($sName)
 $NTAccount.Translate([System.Security.Principal.SecurityIdentifier]).value
 }
 else {
 $sName
 }
}
0
funnyben answered 4年 ago

感谢回复,但是我这个问题是本地用户和组的信息无法拿到。比如下面这个就是ACL出来的结果,是一串SID,这个有办法解决吗?
我尝试过使用invoke-command命令。可以拿到远程服务器的本地用户和组的信息,但是效果不是很理想
S-1-5-21-2507041524-4033252695-3107390213-1002 Allow ReadAndExecute, Synchronize
S-1-5-21-2507041524-4033252695-3107390213-1003 Allow Modify, Synchronize