File System Security PowerShell Module 4.2.4

Allows a much easier management of permissions on files and folders using PowerShell

NTFSSecurity.zip
 
 
 
 
 
4.8 Star
(234)
205,508 times
Add to favorites
Security
8/13/2018
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Get-NTFSEffectiveAccess - WIN SERVER 2008 R2
    2 Posts | Last post December 05, 2019
    • Hello Raimund,
      I'm running script under Windows 2008 R2. When I use cmdlet Get-NTFSEffectiveAccess I receive following warning:
      
      WARNING: The effective rights can only be computed based on group membership on this computer. For more accurate results, calculate effective access rights on the target computer
      
      The only permission I receive is "Synchronize"
      
      Could you help me to figure out with this?
    • This may require a bit more communication. Can you start a thread by creating an issue on GitHub (https://github.com/raandree/NTFSSecurity)?
  • cant find get-ntfs
    2 Posts | Last post December 05, 2019
    • Hello 
      im trying to use the ntfssecurity module 
      i can  not find the get-ntfs 
      the available commands are 
      Add-Ace
      Disable-Inheritance
      Enable-Inheritance
      Get-Ace
      Get-EffectivePermissions
      Get-Inheritance
      Get-OrphanedAce
      Get-Owner
      Remove-Ace
      Set-Owner
      
      Am I missing something?
      thank you
    • To view all the available cmdlets, please call "Get-Command -Module NTFSSecurity". All cmdlets have a 'NTFS' prefix since long time.
  • Exclude with get-childitem2
    2 Posts | Last post December 05, 2019
    • How do you exclude certain folders from being scanned when using Get-Childitem2?
    • So far the cmdlet does not provide an 'Exclude' parameter. Is it possible to do the exclude using the filter?
  • Missing Property in Get-NTFSAccess
    2 Posts | Last post October 30, 2019
    • Get-NTFSAccess | gm
      
         TypeName: Security2.FileSystemAccessRule2
      
      Name                          MemberType                                                            
      ----                          ----------                                                                       
      Equals                        Method                                                                                               
      GetHashCode                   Method                                                                                             
      GetType                       Method                                       
      ToSimpleFileSystemAccessRule2 Method                            
      ToString                      Method                                                                            
      AccessControlType             Property                                           
      AccessRights                  Property                                                   
      Account                       Property                                            
      FullName                      Property                                                           
      InheritanceEnabled            Property                                                       
      InheritanceFlags              Property                                    
      InheritedFrom                 Property                                                                        
      IsInherited                   Property                                                                  
      Name                          Property                                                                           
      PropagationFlags              Property                               
      AccountType                   ScriptProperty
      
      
      AppliesTo is missing. It would be useful if you like to check something.
      
      (Get-Item -Path $Path | Get-NTFSAccess -ExcludeInherited | Select-Object AppliesTo) does not work
    • This is discussed in the GitHub issue https://github.com/raandree/NTFSSecurity/issues/49. Maybe the workaround proposed there does help you.
  • Runtime version
    2 Posts | Last post July 11, 2019
    • I'm running this on some 2008 R2 servers and was receiving this error when importing the module: 
      Add-Type : Could not load file or assembly 'file:///C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ntfssecurity\Security2.dll' or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded.
      I was able to resolve this error by following the instructions found here about adding supported runtimes: https://stackoverflow.com/questions/9179568/winrm-and-powershell-modules-written-with-net-framework-4
      
      However, after importing the NTFSSecurity module now, the only commands that show up when running Get-Command -Module NTFSSecurity are the 4 aliases that the module creates (de12, dir2, gi2, rm2)
      No cmdlets containing NTFS are returned.
      
      Thoughts?
    • NTFSSecurity v4.2.4 has been compiled with .Net 4.0, so does not support PowerShell 2.0, it requires PowerShell 3.0 (which uses .Net 4.0). NTFSSecurity v4.2.3 was compiled with an older version of .Net, so works with PowerShell 2.0.
      https://www.powershellgallery.com/packages/NTFSSecurity/4.2.3
      
      I've logged a bug about this https://github.com/raandree/NTFSSecurity/issues/53
  • Apply permissions recursively
    1 Posts | Last post June 13, 2019
    • Is there a way to apply folder permissions to all files in the folder that were created prior to the permission change? I've taken ownership of a folder and applied permissions, but those permissions are not applied to the files within in the folders and I need to fix that. I'm dealing with about 8700 files and folders to doing it manually isn't really an option. Thanks!
  • [get-childitem], export-csv
    3 Posts | Last post May 20, 2019
    • Hi,
      
      When i use [get-item "path" | get-ntfsaccess] i get the "applies to" informations, but when i use export-csv this information disappear in the csv file. 
      It works fine with out-file but it's not what i'm looking for...
      
      I tried [Update-TypeData -Force -TypeName Security2.FileSystemAccessRule2 -MemberType ScriptProperty -MemberName AppliesTo -Value {    [Security2.FileSystemSecurity2]::ConvertToApplyTo($_InheritanceFlags, $_PropagationFlags)}]
      The column "applies to" is now showing in the csv file but is empty...
      
      Do you have a solution?
      Thanks
      
    • Hi,
      Did you have a Solution?
      I having the Same Problem :(
      Get-ChildItem2 "\\server\sharename" -Recurse | Get-NTFSAccess -ExcludeInherited |select FullName, Account, AccessRights, InheritanceFlags, AccessControlType, InheritanceEnabled | Out-GridView -PassThru | Export-Csv -path "$scriptPath\acl_excludeInherited.csv" -Delimiter ";" -NoTypeInformation
      But i Can't select AppliesTo :(
      PropagationFlags and InheritanceFlags are not Realy Userfriendly ;)
    • I Think, i have the Solution.
      Get-ChildItem2 "\\server\sharename" -Recurse | Get-NTFSAccess -ExcludeInherited |Select-Object FullName, Account, AccessRights, @{n="AppliesTo";e={[Security2.FileSystemSecurity2]::ConvertToApplyTo($_.InheritanceFlags, $_.PropagationFlags)}}, AccessControlType, InheritanceEnabled | Out-GridView -PassThru | Export-Csv -path "$scriptPath\acl_excludeInherited.csv" -Delimiter ";" -NoTypeInformation
      Thank you for preparatory work --> [Security2.FileSystemSecurity2]::ConvertToApplyTo($_InheritanceFlags, $_PropagationFlags)
  • Run on 2008 R2?
    1 Posts | Last post April 16, 2019
    • Has anyone been able to run this on 2008R2 servers?
  • Get-ChildItem2 failure
    1 Posts | Last post March 05, 2019
    • Get-ChildItem2 -Path <UNC-PATH> 
      shows error:
      Get-ChildItem2 : (3) The target directory is a file, not a directory: [UNC-PATH]
          + CategoryInfo          : NotSpecified: (<UNC-PATH>:String) [Get-ChildItem2], DirectoryNotFoundException
          + FullyQualifiedErrorId : DirUnspecifiedError,NTFSSecurity.GetChildItem2
      when 
      Get-ChildItem -Path <UNC-PATH> 
      runs without problem. 
      What is to do?
  • Change existing permissions
    1 Posts | Last post February 26, 2019
    • Hello, 
      
      I recommend that a command "Set-NTFSAccess" be added to the module to be able to make changes to existing explicit permissions. 
      
      In my testing, if I do:
      
      Add-NTFSAccess -Path $Path -Account $Account -AccessRights ReadAndExecuite
      and then do:
      Add-NTFSAccess -Path $Path -Account $Account -AccessRights FullControl
      
      The result is the account now has Full Control. 
      If I do those same commands but in reverse order, the result is the account still has Full Control. 
      I performed the same kind of test using -AppliesTo with the same kind of results.
      If I first do -AppliesTo ThisFolderOnly and then do -AppliesTo ThisFolderSubfoldersAndFiles. It works great. 
      But then if I do it in reverse, the result is the account still shows Applies To as ThisFolderSubfoldersAndFiles. 
      
      Basically, you can edit the existing permissions granting MORE rights, but not LESS. 
      I assume the only way to go with LESS rights, is to first use Remove-NTFSAccess and then add the lesser rights. Is that correct?  
      (I am performing my testing on Win Server 2012 R2 in PowerShell ISE version 5.1.14409.1012)
      
      Any thoughts on adding a Set-NTFSAccess to change existing permissions?
      
      Thanks a ton!
1 - 10 of 223 Items