Some articles are posted as Images, Please use Computers to go through them for best experience. For phone users, switch to Web Version

Windows Script - Fetching NTFS Permissions, Inheritance Status & Ownership details of Root folders along with 1 Level Sub folders

 <# Created By Abhishek Bansal

 Read Note 

Script Usage - Useful in fetching Owners details, Inheritance status, NTFS Permissons of Parent / Root folder & one Level Sub folders.

Pre requisites :: Copy all the code into a text file, save it with an extension ".PS1". On same location create a txt file named "InputPath.txt" containing UNC path of share folders. Once saved, run this script as Administrator.

Execution & Outputs :: Once executed, there will be four Outifle files created which would be -

ParentfolderInheritance.csv - Containing parent folder Ownnership details along with inheritance status.

ParentfolderACL.csv - Containing parent folder NTFS permissions.

SubfoldersInheritance.csv - Containing one level subfoldes Ownnership details along with inheritance status.

SubfoldersACL.csv - Containing NTFS permissions for 1 level sub folders inside the parent folders.


Along with above, Errorlogs.csv can also be produced if there are any errors encountered while executing this script.#>

 

 $rootfolders = Get-Content .\InputPath.txt

foreach($rootpath in $rootfolders)

{

$rootpath = $rootpath.trim()

Get-Acl -Path $rootpath  |  Select Path,Owner,@{n="Inheritance Status";e={$_.AreAccessRulesProtected}} | Export-Csv ./ParentfolderInheritance.csv -NoTypeInformation -Append

(Get-Acl -Path $rootpath).Access | Select @{n="Path";e={$rootpath}},IdentityReference,FileSystemRights,AccessControlType |Export-Csv ./ParentfoldersACL.csv -NoTypeInformation -Append

    $subfolders = Get-ChildItem -Path $rootpath

     foreach ($path in $subfolders)

    {

    try{

    Get-Acl -Path $path.FullName  |  Select Path,Owner,@{n="Inheritance Status";e={$_.AreAccessRulesProtected}} | Export-Csv ./SubfoldersInheritance.csv -NoTypeInformation -Append

     }

     catch{   

        $rootpath | Select @{n="Rootfolder";e={$rootpath}},@{n="Errorinfo";e={"$path not accessible under $rootpath"}} | Export-Csv ./Errorlogs.csv -NoTypeInformation -Append

        }

    (Get-Acl -Path $path.FullName).Access | Select @{n="Path";e={$path.FullName}},IdentityReference,FileSystemRights,AccessControlType | Export-Csv ./SubfoldersACL.csv -NoTypeInformation -Append

    }

}

 

No comments:

Active Directory - Auditing File Share on a Windows Server

 

No comments:

AD Script - Finding out time Source of all the DC's in the domain

<#Created By Abhishek Bansal

Read Note 

Script Usage :: Useful in fetching sync time source for all the domain controllers of the domain.

Pre requisites :: Copy all the code into a text file, save it with an extension ".PS1". Once saved, run it as Administrator.

Execution & Outputs :: Once executed, there will be two files created as Timesyncdetails.csv containing output and Errorlogs.csv for any errors. #>


$dcs = (Get-ADDomainController -Filter *).Name

Write-Host -ForegroundColor Green "$((Get-ADDomain).PDCEmulator) is holding PDC role.."

$line = 0

$linecount = $dcs.Count

$pct = 0

foreach($dc in $dcs)

{

    $line++

    $dc = $dc.Trim()

    $pct = $line/$linecount * 100

    try{

    $error.Clear()

    Write-Progress -Activity " " -PercentComplete $pct

    Invoke-Command -ComputerName $dc -ScriptBlock{"`nFetching Sync time for $($using:dc)"} -ErrorAction Stop

    $dc | Select-Object -Property @{n="Hostname";e={$dc}},@{n="Source";e={Invoke-Command -ComputerName $dc -ScriptBlock{w32tm /query /source}}} | Export-Csv ./Timesyncdetails.csv -NoTypeInformation -Append

    }

    catch{

    $dc | Select-Object -Property @{n="Hostname";e={$dc}},@{n="ErrorInfo";e={$($error.exception.Message)}} | Export-Csv ./Errorlogs.csv -NoTypeInformation -Append

    }

}

No comments:
Subscribe to: Posts (Atom)