stackoom
  简体   繁体   中英

Powershell Get-Acl on UNC paths with spaces

 原文  2017-12-14 23:27:37       powershell/ acl/ unc

Question

I am trying to check ACLs on UNC paths via the Get-Acl cmdlet.

The below works fine when browsing the local filesystem or on a UNC path without spaces. 

$ou = 'OU=Security Groups,DC=mydomain,DC=local'

$basepath =  '\\mydomain\dfsroot'

$filter = '*501*'

Get-ADGroup -SearchBase $ou -Filter { Name -like $filter } | % {
    $principle = $_.samAccountName
    Get-ChildItem -LiteralPath $basepath -Recurse | % {
        $path = $_.FullName
        ($path | Get-Acl).Access.IdentityReference | % { if ( $_.Value -match $principle ) { Write-Host "$principle has rights to $path" }}
    }
}

On UNC paths with spaces I get a "FileNotFoundException":

Get-Acl : \\local501\\dfsroot\\docs\\Accounting\\Bankruptcy Files\\NOTICE TO MEMBERSHIP RE-CHAPTER 11.pdf
At C:\\Users\\administrator.LOCAL501\\Documents\\IT Support Guys - (855) 4 IT GUYS\\Files\\find_paths_by_principle.ps1:11 char:18
+ ($path | Get-Acl).Access.IdentityReference | % { if ( $_.Valu ...
+ ~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-Acl],FileNotFoundException
+ FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.PowerShell.Commands.GetAclCommand

Can somebody help me understand what's going on here?

Thanks!

2 answers

solution1
 0  2017-12-14 23:45:57

So your code is a little needlessly complicated. Here's a script that's easier to understand the flow and shouldn't error out on spaces: 

If (-not (Test-Path -Path DFS:\))
{ New-PSDrive -Name DFS -PSProvider FileSystem -Root \\mydomain\dfsroot }

$OU         = 'OU=Security Groups,DC=mydomain,DC=local'
$Filter     = '*501*'
$Principles = (Get-ADGroup -SearchBase $OU -Filter {Name -like $Filter}).samAccountName
$Collection = @()

ForEach ($Path in (Get-ChildItem -Path DFS:\ -Recurse -ErrorVariable +CustomERR))
{
    ## Using an array literal so items don't end up appended to one giant hashtable
    $Collection += @(
        @{ Path = $Path.FullName
           Acl  = (Get-Acl -Path $Path.FullName).Access.IdentityReference.Value
         }
    )
}

ForEach ($Principle in $Principles)
{
    ForEach ($Item in $Collection)
    {
        If ($Item.Acl -contains $Principle)
        {
            Write-Host "'$Principle' has rights to '$($Item.Path)'"
        }
    }
}

Edit: made some optimizations

solution2
 0  2017-12-15 00:47:57

Ignore this! My DFS share is full of corruption! Filenames just happened to be ones with spaces. Good news!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Get-acl repeating groups - Powershell PowerShell Get-ACL with SamAccountName values PowerShell - Get-ACL not returning all permissions Get-Acl does not seem to work on UNC path? Powershell - Import list of paths from Text/CSV, Get-ACL then export to Text/CSV Powershell Get-Acl for HKLM:\SECURITY Issues Odd PowerShell Get-ACL permission translations Powershell Get-Acl Owner Reference Powershell : Get-ACL and get permissions for specific user on a remote folder How to get exact permission using get-acl powershell?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM