powershell active directory picker
Question
Actually i have a powershell script which analyzes the ntfs permissions on a file server. i enter the group name, specify the folder and afterwards i get the list. now i want to implement a active directory picker dialog like this instead of typing the group name
is there any powershell code to add to my script? this is what i have.
$gruppe = read-Host "group name"
Function Get-Folder($initialDirectory)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms")|Out-Null
$Ordnername = New-Object System.Windows.Forms.FolderBrowserDialog
$Ordnername.Description = "Ordner auswählen"
$Ordnername.rootfolder = "MyComputer"
if($Ordnername.ShowDialog() -eq "OK")
{
$Ordner += $Ordnername.SelectedPath
}
return $Ordner
}
$o = Get-Folder
write-host
function Get-FolderRightsForAccount([string]$dn, [string]$rootfolder, [switch]$includeInheritedRights){
$sids = @()
$sids += (Get-ADObject $dn -Properties objectSid).objectSid.Value
$sids += Get-ADPrincipalGroupMembership $dn | select -Expand GroupName
$inherited = @{$true=($true,$false);$false=$false}[$includeInheritedRights.IsPresent]
(Get-ACL $rootfolder).Access | ?{try{$_.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value -in $sids -and $_.IsInherited -in $inherited}catch{}} | select @{n='Folder';e={$rootfolder}},AccessControlType,@{n='Rights';e={$_.FileSystemRights}}
gci $rootfolder -Recurse -Directory -PipelineVariable f | %{
(Get-ACL $_.Fullname).Access | ?{try{$_.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value -in $sids -and $_.IsInherited -in $inherited}catch{}} | select @{n='Folder';e={$f.Fullname}},AccessControlType,@{n='Rights';e={$_.FileSystemRights}}
}
}
Get-FolderRightsForAccount -dn (Get-ADGroup $Gruppe).DistinguishedName -rootfolder $o -includeInheritedRights | ft -AutoSize
1 answers
solution1
0 2021-03-18 18:05:45
It's not a picker like shown, but could be even more useful. You can utilize the cmdlet Out-GridView . You can allow choosing many or limit to one item. You can filter and/or sort the list as well.
$selectedgroup = Get-ADGroup -Filter * |
Select-Object -Property Name, GroupCategory,GroupScope, SamAccountName,DistinguishedName |
Sort-Object -Property Name | Out-GridView -OutputMode Single -Title "Please choose a group"
if(!$selectedgroup){
Write-Host "No group was selected" -ForegroundColor Yellow
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.