Category Archives: Powershell

NTFS Security Inheritance Export Script

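# Report, for every folder below $lokatie, whether NTFS permission inheritance
# is enabled. Output is a semicolon-delimited file with the columns
# Fullname;InheritanceEnabled.
# Get-Inheritance is expected to come from the NTFSSecurity module imported here.
Import-Module Ntfssecurity

# NOTE(review): both paths look as if their backslashes were lost when the
# script was published - confirm the intended share and output path before use.
$lokatie = "\Domain.localdfs"
$header = "Fullname;InheritanceEnabled"
$CSV = "C:file.csv"

# Start a fresh report on every run. Add-Content alone appends to the output of
# an earlier run, which leaves a second header row and stale rows in the file.
Set-Content -Value $header -Path $CSV

# Folders only. Enumeration errors (for example access denied) are also
# collected in $unreadable so that gaps in the report can be flagged below.
$list = Get-ChildItem $lokatie -Recurse -ErrorVariable unreadable |
    Where-Object { $_.PSIsContainer }

foreach ($Item in $list) {
    $export = Get-Inheritance -Path $Item.FullName
    foreach ($object in $export) {
        # NOTE(review): a folder name containing ';' would shift the columns - confirm
        # whether such names can occur on this share.
        $outinfo = $Item.FullName + ";" + $object.inheritanceEnabled
        Add-Content -Value $outinfo -Path $CSV
    }
}

# An audit report that silently omits folders is misleading; say so explicitly.
if ($unreadable) {
    Write-Warning "$($unreadable.Count) item(s) below $lokatie could not be read and are missing from $CSV."
}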

 

NTFSSecurity

User ACL Permission Script

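# Create one folder per name listed in the input file and grant the matching
# account an explicit Allow rule on its own folder.
# NOTE(review): the file path, the parent folder and the "gandalf" prefix look as
# if a backslash was lost in publishing (e.g. DOMAIN\user) - confirm before use.
$Users = Get-Content "C:user1.txt"

# The shape of the rule is the same for every user, so build these values once.
$Access = [System.Security.AccessControl.AccessControlType]"Allow"
# NOTE(review): FullControl includes ChangePermissions and TakeOwnership, so the
# account can rewrite the ACL of its folder. Grant Modify instead unless users
# are meant to manage permissions themselves.
$Rights = [System.Security.AccessControl.FileSystemRights]"FullControl"
# NoPropagateInherit stops the rule from being passed on by the child objects
# that inherit it, so deeper levels of the tree do not receive it.
$Prop = [System.Security.AccessControl.PropagationFlags]"NoPropagateInherit"
$Inherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"

ForEach ($user in $Users)
{
    # A blank line would make Join-Path return the parent folder itself, and the
    # rule would then be added to the parent for the bare prefix account.
    $user = "$user".Trim()
    if (-not $user) { continue }

    # Accept a single plain folder name only. A path separator or ".." in the
    # input would put the folder, and the rule, outside the intended parent.
    if ($user -eq '.' -or $user -eq '..' -or
        $user.IndexOfAny([System.IO.Path]::GetInvalidFileNameChars()) -ge 0) {
        Write-Warning "Skipping invalid entry in user list: '$user'"
        continue
    }

    $newPath = Join-Path "c:testlocation" -ChildPath $user
    $nuser = "gandalf" + $user

    try {
        # Re-running the script must not fail on folders that already exist.
        if (-not (Test-Path -LiteralPath $newPath -PathType Container)) {
            New-Item $newPath -type directory -ErrorAction Stop
        }

        $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($nuser,$Rights,$Inherit,$Prop,$Access)
        $acl = Get-Acl $newPath -ErrorAction Stop
        $acl.AddAccessRule($accessRule)
        Set-Acl $newPath -AclObject $acl -ErrorAction Stop
    }
    catch {
        # Report the failing user and carry on with the rest of the list.
        Write-Warning "Could not set permissions for '$nuser' on '$newPath': $_"
    }
}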

Split Function

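function Split-array
{
<#
.SYNOPSIS
Split an array
.DESCRIPTION
Cuts a one dimensional array into consecutive chunks, either into a given
number of parts or into chunks of a given size. When both -parts and -size
are supplied, -size wins. When neither is supplied, an empty array is returned.
.PARAMETER inArray
A one dimensional array you want to split
.PARAMETER parts
Number of chunks to produce. The chunk size is the element count divided by
this number, rounded up, so trailing chunks may be shorter or empty.
.PARAMETER size
Maximum number of elements per chunk.
.OUTPUTS
An array of arrays, returned as a single object.
.EXAMPLE
Split-array -inArray @(1,2,3,4,5,6,7,8,9,10) -parts 3
.EXAMPLE
Split-array -inArray @(1,2,3,4,5,6,7,8,9,10) -size 3
#>

    param($inArray,[int]$parts,[int]$size)

    if ($parts) {
        $PartSize = [Math]::Ceiling($inArray.count / $parts)
    }
    if ($size) {
        $PartSize = $size
        $parts = [Math]::Ceiling($inArray.count / $size)
    }

    $outArray = @()
    for ($i = 1; $i -le $parts; $i++) {
        $start = ($i - 1) * $PartSize
        # Clamp to the last valid index instead of relying on out-of-range
        # indexes in a slice being ignored.
        $end = [Math]::Min($i * $PartSize, $inArray.count) - 1

        if ($start -le $end) {
            $outArray += ,@($inArray[$start..$end])
        }
        else {
            # No elements left for this part. A range such as 6..4 counts
            # downwards and must not be used as a slice here.
            $outArray += ,@()
        }
    }

    # The unary comma keeps the array of arrays from being unrolled on output.
    return ,$outArray
}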

http://gallery.technet.microsoft.com/scriptcenter/Split-an-array-into-parts-4357dcc1

Operators

-eq Equal
-ne Not equal
-ge Greater than or equal
-gt Greater than
-lt Less than
-le Less than or equal
-like Wildcard comparison
-notlike Wildcard comparison
-match Regular expression comparison
-notmatch Regular expression comparison
-replace Replace operator
-contains Containment operator
-notcontains Containment operator

To perform a Case-Sensitive comparison just prefix any of the above with “c”
for example -ceq for case-sensitive Equals or -creplace for case-sensitive replace.

Similarly prefixing with “i” will explicitly make the operator case insensitive.
Types
-is Is of a type
-isnot Is not of a type
-as As a type, no error if conversion fails

Logical operators
-and Logical And
-or Logical Or
-not logical not
! logical not

Bitwise operators
-band Bitwise and
-bor Bitwise or

Restore exported ACL on folder

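# Re-apply folder permissions from previously exported, semicolon-delimited CSV
# files. Columns read: 'Folder path', IdentityReference, AccessControlType,
# IsInherited, InheritanceFlags, PropagationFlags, FileSystemRights.
#
# The CSV decides who gets access to what. Keep it where only administrators
# can write, and review its content before a run.
Import-Module ActiveDirectory

# NOTE(review): the path looks as if its backslashes were lost in publishing - confirm.
$csv = gci .CSVFiles* -Include *.csv

# Plain assignment: "+=" would append to whatever $list already holds from
# earlier work in the same session.
if ($csv) {
    $list = @(import-csv $CSV -Delimiter ';')
}
else {
    Write-Warning "No CSV files found; nothing to restore."
    $list = @()
}

foreach ($entry in $list){
    $Folderpath=$entry.'Folder path'
    $Identity=$entry.IdentityReference
    $AccessControlType=$entry.AccessControlType
    $IsInherited=$entry.IsInherited
    $Inheritanceflags=$entry.InheritanceFlags
    $PropagationFlags=$entry.PropagationFlags
    $FileSystemRights=$entry.FileSystemRights

    # Inherited entries belong to a parent folder. Writing them back as explicit
    # rules would pin that access on the child even after it is removed from
    # the parent, so only explicit entries are restored.
    if ("$IsInherited" -eq 'True') { continue }

    if (-not $Folderpath -or -not $Identity) {
        Write-Warning "Skipping row without folder path or identity."
        continue
    }

    $Newpermission = ($Identity,$FileSystemRights,$Inheritanceflags,$PropagationFlags,$AccessControlType)
    write-host $Newpermission

    try {
        # Everything for one row happens inside the try block, so a failure can
        # never leave an ACL or rule from the previous row to be applied here.
        $OldACL = get-acl $Folderpath -ErrorAction Stop
        $AccessRule = new-object System.Security.AccessControl.FileSystemAccessRule $NewPermission

        # NOTE(review): SetAccessRule replaces the existing rules of the same
        # identity and type, so when the export has several rows for one
        # identity on one folder only the last survives. AddAccessRule merges
        # instead - confirm which behaviour is intended.
        $OldACL.SetAccessRule($AccessRule)
        $OldAcl | Set-ACL $Folderpath -ErrorAction Stop
    }
    catch {
        Write-Warning "Could not restore '$Identity' on '$Folderpath': $_"
    }
}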

Export permissions to CSV file

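# Export the access control entries of every folder below $RootPath to a CSV
# report with one row per entry.
# Columns: Folder Path, IdentityReference, AccessControlType, IsInherited,
# InheritanceFlags, PropagationFlags, FileSystemRights.
#
# NOTE(review): both paths look as if their backslashes were lost in
# publishing - confirm before use.
$OutFile = "C:Permissions.csv"
$RootPath = "C:Test"

# Export-Csv replaces the hand-built lines for three reasons:
#  - values such as "ContainerInherit, ObjectInherit" contain a comma and must
#    be quoted, otherwise the columns shift;
#  - it overwrites the previous report, so no separate delete is needed (the
#    delete failed on a first run when the file did not exist yet);
#  - UTF8 keeps non-ASCII folder and account names intact.
# FileSystemRights is appended as the last column; without it the report does
# not say which rights an entry grants.
#
# The restore script published with this one reads ';'-delimited files; add
# -Delimiter ';' below if this output is meant to feed it.
#
# Folder and account names are written as found. If the report is opened in a
# spreadsheet, treat cells that start with = + - or @ as untrusted text.
Get-ChildItem $RootPath -Recurse -ErrorVariable Unreadable |
    Where-Object { $_.PSIsContainer } |
    ForEach-Object {
        $Folder = $_
        Get-Acl $Folder.FullName |
            ForEach-Object { $_.Access } |
            Select-Object @{Name='Folder Path'; Expression={ $Folder.FullName }},
                          IdentityReference, AccessControlType, IsInherited,
                          InheritanceFlags, PropagationFlags, FileSystemRights
    } |
    Export-Csv -Path $OutFile -NoTypeInformation -Encoding UTF8

# Folders that could not be enumerated are absent from the report; make that
# visible instead of presenting an incomplete audit as complete.
if ($Unreadable) {
    Write-Warning "$($Unreadable.Count) item(s) below $RootPath could not be read and are missing from $OutFile."
}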

Rechten op nieuwe folder uitdelen (assign permissions on a new folder)

# Create a folder on drive h:, wait, then give a group an explicit Allow rule
# (Modify, Synchronize) on $locatie that is inherited by subfolders and files.
# NOTE(review): the folder name and the path below look as if their
# backslashes were lost in publishing - confirm before use.
New-Item -Path h: -Name Folder1Folder2 -ItemType Directory

# Single quotes: $deelnemerusers and $samaccountnameFolder1 are NOT expanded here.
# NOTE(review): presumably the account name was meant to be substituted - confirm.
$locatie = '\Domain.localdfs$deelnemerusers$samaccountnameFolder1'

# NOTE(review): fixed pause, presumably to let the new folder become reachable
# through the DFS path before its ACL is read - confirm.
Start-Sleep -Seconds 30

# $Domain and $Groepsnaam must already be set by the calling script.
# NOTE(review): presumably a backslash between domain and group was lost - confirm.
$Domain = "$Domain$Groepsnaam"

# Constructor arguments: identity, rights, inheritance flags, propagation flags, type.
$Newpermission = @($Domain, "Modify, Synchronize", "ContainerInherit, ObjectInherit", "None", "Allow")
$AccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $Newpermission

# Read the current ACL, set the rule for the group, write the ACL back.
$NewACL = Get-Acl -Path $locatie
$NewACL.SetAccessRule($AccessRule)
Set-Acl -Path $locatie -AclObject $NewACL