时间戳

首页 > 解决方案 > 创建 NTFS 报告并显示用户帐户是启用还是禁用

powershell - 创建 NTFS 报告并显示用户帐户是启用还是禁用

问题描述

我的任务是更新由其他人创建的脚本,但我遇到了困难。该脚本用于收集特定文件夹的 NTFS 权限。该脚本当前输出文件夹名称、有权访问该文件夹的组/用户及其权限。我想添加一列显示帐户是启用还是禁用。对于我的一生,我无法弄清楚如何将用户帐户启用或禁用添加到对象中。这是我目前正在使用的代码。我尝试进行一些修改以填充 Enabled 列,但没有成功。对powershell来说相当新,所以希望这是有道理的!

谢谢

$FoldersToCheck = "P:\Companies\"

import-module activedirectory

Function ReportNTFS($p) {
    $temp = Get-ChildItem -Directory -Name -Path $p -Force -Depth 0
    $fullPath += ,$p
    ForEach ($x in $temp) {
        $fullPath += ,($p + $x)
    }
    $Output = @()
    $Properties = [ordered]@{'Folder Name'="Starting Folder: "+$p;'Group/User'='';'Enabled'='';'Permissions'=''}
    $Output += New-Object -TypeName PSObject -Property $Properties
    $Properties = [ordered]@{'Folder Name'='';'Group/User'='';'Enabled='='';'Permissions'=''}
    $Output += New-Object -TypeName PSObject -Property $Properties

    ForEach ($global:Folder in $fullPath) {
        $a,$b = $global:Folder -split $p,2,"simplematch"
#Write-Host "path: "  $b
       $Acl = Get-Acl -Path $global:Folder
       ForEach ($Access in $Acl.Access) {
           $Properties = [ordered]@{'Folder Name'=".\"+$b;'Group/User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights}
           $Output += New-Object -TypeName PSObject -Property $Properties

           $thisShortID = $Access.IdentityReference -split "QUANTA\\"
           $groupList = $null
           try { $groupList = Get-ADGroupMember -Identity $thisShortID[1] | select name  }
           catch { <# not a group #> }
           finally {
#Write-Host "*is group " 
               ForEach ($u in $groupList) {
                   $Properties = [ordered]@{'Folder Name'=".\"+$b;'Group/User'=' --> '+$u.name;'Permissions'=$Access.FileSystemRights}
                   $Output += New-Object -TypeName PSObject -Property $Properties
                }
           }

      try{
          $global:Enabled = Get-ADGroupMember -Identity $thisShortID[1] | where {$_.objectclass -eq 'user'} | get-aduser | select name
           foreach ($user in $global:enabled) { Get-ADUser -Identity $user | select Enabled }
           }
           catch{}
           finally{


                   ForEach ($e in $global:enabled) {
                   $Properties = [ordered]@{'Folder Name'=".\"+$b;'Group/User'=' --> '+$u.name;'Enabled'=$e;'Permissions'=$Access.FileSystemRights}
                   $Output += New-Object -TypeName PSObject -Property $Properties
                   }
                   }

       }
       $Properties = [ordered]@{'Folder Name'='';'Group/User'='';'Enabled'='';'Permissions'=''}
       $Output += New-Object -TypeName PSObject -Property $Properties
   }
    return ,$Output
}


ForEach ($f in $FoldersToCheck) {
    $reportArray = ReportNTFS($f)
}


    $reportArray 
}

标签: powershellactive-directoryntfs

解决方案

推荐阅读