Fatal编程技术网

访问权和所有权Powershell

powershell

访问权和所有权Powershell,powershell,Powershell,关于如何在下面的脚本中添加所有者信息,您有什么想法吗 Get-ChildItem "C:\DFSRoots\DFS\Folder_Redirection" -Recurse | ?{ $_.PsIsContainer } | %{ $Path = $_.FullName # Include inherited rights from the report (Get-Acl $Path).Access | Select-Object ` @{n='Path';e={ $P

关于如何在下面的脚本中添加所有者信息,您有什么想法吗

Get-ChildItem "C:\DFSRoots\DFS\Folder_Redirection" -Recurse | ?{
   $_.PsIsContainer } | %{ $Path = $_.FullName
   # Include inherited rights from the report 
   (Get-Acl $Path).Access | Select-Object `
   @{n='Path';e={ $Path }}, IdentityReference, AccessControlType, `
   InheritanceFlags, PropagationFlags, FileSystemRights } | Export-CSV "C:\exported\Permissions4.csv"
所有者不是Get Acl返回的
Access
属性的属性,因此在深入研究Access属性之前需要捕获它

$dfsPath = "C:\DFSRoots\DFS\Folder_Redirection"
$report  = "C:\exported\Permissions4.csv"

$result = Get-ChildItem $dfsPath -Recurse -Directory| ForEach-Object { 
    $folderPath = $_.FullName
    $acl        = Get-Acl -Path $folderPath
    $owner      = $acl.Owner
    $ownerSid   = $acl.Sddl -replace 'O:([S\-\d]+).+','$1'
    $acl.Access | 
    Select-Object @{Name = 'Path'; Expression = { $folderPath }}, *, 
                  @{Name = 'Owner'; Expression = { $owner}},
                  @{Name = 'OwnerSid'; Expression = { $ownerSid}}
}  

# output on console
$result

#output to CSV file
$result | Export-CSV $reportPath -NoTypeInformation
作为奖励,上面还检索了所有者SID

希望这有帮助,谢谢Theo,我找到了其他方法,但这一种也有效,现在的重点是获取csv,对用户进行修改并将其添加回ACL,直到这一点我很好,但现在我无法更改所有者,ACL但是所有者,没有错误,没有消息,这是我正在运行的脚本:

我认为您需要将所有者设置为
$acl
对象,而不是
$aclowner
$par = Import-Csv -Path "C:\Permisionlist\PermissionsTDNA.csv" foreach ( $i in $par ) { 
$path= $i.Path
$Owner= $i.Owner
$IdentityReference= $i.IdentityReference
$AccessControlType=$i.AccessControlType
$InheritanceFlags= $i.InheritanceFlags
$PropagationFlags=$i.PropagationFlags
$FileSystemRights=$i.FileSystemRights
echo $path $IdentityReference, $Owner
$acl = (Get-Item $path).GetAccessControl('Access')
$aclowner = (Get-Item $path).GetAccessControl('owner')
$permission = $IdentityReference, $FileSystemRights, $InheritanceFlags, $PropagationFlags, $AccessControlType
$accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $permission
$Setowner = New-Object System.Security.Principal.NTAccount $Owner
$acl.SetAccessRule($accessRule)
$aclowner.SetOwner($Setowner)
$acl | Set-Acl $path
}