I use Powershell to pull in data about user accounts, some of which includes details about an user's home folder.
我使用Powershell提取有关用户帐户的数据,其中一些包含有关用户主文件夹的详细信息。
I have been using get-item on folders to get the ACL to make sure an user has proper access to their home folder. An example of my code is:
我一直在文件夹上使用get-item来获取ACL,以确保用户可以正确访问其主文件夹。我的代码的一个例子是:
((get-item C:\exampleFolder).GetAccessControl('access')).Access
This provided me the list I needed and works great. However, if an user's username changes, it can take some time (like 5- 10 minutes) before Powershell can see the change even though viewing the folder's properties reflects the changes nearly instantaneously.
这为我提供了我需要的清单并且效果很好。但是,如果用户的用户名发生更改,则可能需要一些时间(例如5到10分钟),然后Powershell才能看到更改,即使查看文件夹的属性几乎立即反映了更改。
I am just seeing if there is a better way to pull the ACL data so that what I see in folder property page is what Powershell gets.
我只是看看是否有更好的方法来拉取ACL数据,以便我在文件夹属性页中看到的是Powershell得到的内容。
first world issue for me really, just trying to make my code a little bit more efficient.
真的是第一个世界问题,只是试图让我的代码更有效率。
Edit: This is a change in a username on a domain though Active Directory, not a username on a local machine.
编辑:这是通过Active Directory更改域中的用户名,而不是本地计算机上的用户名。
1 个解决方案
#1
0
There is the Get-ACL Cmdlet. This will output an object with an Access property listing all users with Access and their Access Level.
有Get-ACL Cmdlet。这将输出一个具有Access属性的对象,该属性列出具有Access及其访问级别的所有用户。
If you want to, you could use this to make a function to get more explicit data like this:
如果你愿意,你可以使用它来创建一个函数来获得更明确的数据,如下所示:
function Get-Permissions ($folder) {
(get-acl $folder).access | select `
@{Label="Identity";Expression={$_.IdentityReference}}, `
@{Label="Right";Expression={$_.FileSystemRights}}, `
@{Label="Access";Expression={$_.AccessControlType}}, `
@{Label="Inherited";Expression={$_.IsInherited}}, `
@{Label="Inheritance Flags";Expression={$_.InheritanceFlags}}, `
@{Label="Propagation Flags";Expression={$_.PropagationFlags}}
}
This you could easily pipe on to a | Format-Table -Auto or however you wish to visually consume your output.
这可以轻松地管道到|格式表 - 自动或您希望直观地消耗您的输出。
#1
0
There is the Get-ACL Cmdlet. This will output an object with an Access property listing all users with Access and their Access Level.
有Get-ACL Cmdlet。这将输出一个具有Access属性的对象,该属性列出具有Access及其访问级别的所有用户。
If you want to, you could use this to make a function to get more explicit data like this:
如果你愿意,你可以使用它来创建一个函数来获得更明确的数据,如下所示:
function Get-Permissions ($folder) {
(get-acl $folder).access | select `
@{Label="Identity";Expression={$_.IdentityReference}}, `
@{Label="Right";Expression={$_.FileSystemRights}}, `
@{Label="Access";Expression={$_.AccessControlType}}, `
@{Label="Inherited";Expression={$_.IsInherited}}, `
@{Label="Inheritance Flags";Expression={$_.InheritanceFlags}}, `
@{Label="Propagation Flags";Expression={$_.PropagationFlags}}
}
This you could easily pipe on to a | Format-Table -Auto or however you wish to visually consume your output.
这可以轻松地管道到|格式表 - 自动或您希望直观地消耗您的输出。