Check-in [08100351ec]
Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Query permission groups for folders (Get-ACL) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
08100351ec04518acfa306319d618cb3 |
| User & Date: | mario 2018-05-16 18:13:22 |
Context
|
2018-05-16
| ||
| 18:13 | AD search for user properties, with a few (unpractical) sample -Filters. check-in: 09ab7c0a65 user: mario tags: trunk | |
| 18:13 | Query permission groups for folders (Get-ACL) check-in: 08100351ec user: mario tags: trunk | |
| 18:13 | Add users to multiple groups, or query existing membership of users. check-in: aaf317d39d user: mario tags: trunk | |
Changes
Added tools/bulk/GetACLs.ps1.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
# api: multitool
# version: 0.1
# title: Get-ACLs for dir
# description: list permitted groups to access a path
# type: inline
# category: bulk
# icon: folder
# vars:
# { name: paths, type: text, value="\\our.central.dfs\Groups\XYUS-Checkins", description: Fetch ACL list for paths }
# hidden: 0
# status: beta
# config: -
#
# Get group permissions for path
#
# ❏ either single or list of path (one per line, or semicolon-separated)
#
Param(
$paths = (Read-Host "Paths"),
$filter = "^(BUILTIN|NT AUTH)|Administrators|\\evservice"
);
$paths = $paths -split "(\s*[\n;]\s*)+" | ? { $_ -match "\\\\\w+" }
ForEach ($p in $paths) {
Write-Host -f Yellow "📂 $p"
try {
$a = (Get-Acl $p).Access | ? { $_.IdentityReference -notmatch $filter }
($a |Select IdentityReference, FileSystemRights | FL | Out-String).trim() | Write-Host
}
catch {
Write-Host -f Red "✘ no acl found (Nasuni?)"
}
}
|