Report Permessi Share e Appartenenza Gruppi

Salvare il codice in un file di testo con nome ReportPermessiShareAppartenenzaGruppi.ps1
Eseguire Powershell con diritti di amministrazione sulla share
cd [path cartella contenente ReportPermessiShareAppartenenzaGruppi.ps1]

# Powershell.exe -executionpolicy bypass .\ReportPermessiShareAppartenenzaGruppi.ps1

Codice:

Get-Item \\DFS\share\department | select -ExpandProperty FullName | % {write "Folder: $_ `n"; get-acl $_ | select -property AccessToString | FL ; $($(get-acl $_ | select -ExpandProperty Access | where IdentityReference -Match "Domain01*|Domain02*" | select -ExpandProperty IdentityReference) -replace "^(.*?\\)(.+)" , '$2') | % {Get-ADGroup -Filter {( name -like $_) -and (ObjectClass -eq "group") -and ( name -notlike "Domain Admins") -and ( name -notlike "Administrators") } -server "domainController.domain.ext" -searchbase "DC=Domain01,DC=domain,DC=ext" -Properties * | % { write "`nGroup" $_.CN "`nMember" ; Get-ADGroupMember $_ | select -ExpandProperty SamAccountName }} ; write "`n`n`n --------------------------------------------------------------------------------------------------------------------------------------------- `n`n`n"} | Out-File -FilePath $(".\Output"+$(Get-Date -UFormat %Y-%m-%d_%H.%M.%S)+".txt") -Encoding "UTF8" -Append -Force

Get-ChildItem \\DFS\share\department | select -ExpandProperty FullName | % {write "Folder: $_ `n"; get-acl $_ | select -property AccessToString | FL ; $($(get-acl $_ | select -ExpandProperty Access | where IdentityReference -Match "Domain01*|Domain02*" | select -ExpandProperty IdentityReference) -replace "^(.*?\\)(.+)" , '$2') | % {Get-ADGroup -Filter {( name -like $_) -and (ObjectClass -eq "group") -and ( name -notlike "Domain Admins") -and ( name -notlike "Administrators") } -server "domainController.domain.ext" -searchbase "DC=Domain01,DC=domain,DC=ext" -Properties * | % { write "`nGroup" $_.CN "`nMember" ; Get-ADGroupMember $_ | select -ExpandProperty SamAccountName}} ; write "`n`n`n --------------------------------------------------------------------------------------------------------------------------------------------- `n`n`n"} | Out-File -FilePath $(".\Output"+$(Get-Date -UFormat %Y-%m-%d_%H.%M.%S)+".txt") -Encoding "UTF8" -Append -Force

# shere folder access group departmentGroup read and execute this folder only on shere folder departement

Get-ADGroup -Filter {name -like "departmentGroup"} -server "domainController.domain.ext" -searchbase "DC=Domain01,DC=domain,DC=ext" -Properties * | % { write "`nGroup" $_.CN "`nMember" ; Get-ADGroupMember $_ | select -ExpandProperty SamAccountName} | % {Get-ADGroup -Filter {( name -like $_) -and (ObjectClass -eq "group") -and ( name -notlike "Domain Admins") -and ( name -notlike "Administrators") } -server "domainController.domain.ext" -searchbase "DC=Domain01,DC=domain,DC=ext" -Properties * | % { write "`nGroup" $_.CN "`nMember" ; Get-ADGroupMember $_ | select -ExpandProperty SamAccountName} ; write "`n --------------------------------------------------------------------------------------------------------------------------------------------- `n"} | Out-File -FilePath $(".\Output"+$(Get-Date -UFormat %Y-%m-%d_%H.%M.%S)+".txt") -Encoding "UTF8" -Append -Force

Lascia un commento

Inserisci i tuoi dati qui sotto o clicca su un'icona per effettuare l'accesso:

Logo WordPress.com

Stai commentando usando il tuo account WordPress.com. Chiudi sessione / Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione / Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione / Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione / Modifica )

Connessione a %s...