Skip to main content

Updated : V0.992 Filesystem Powershell module

Update : version 0.992 now available including DFS-r

Hot on the heals of my AD sites module, I have been looking at some file system functions.  This module is driven primarily by my own needs, but after a prompt on the powergui website from someone after a way of managing DFS with powershell (thanks packetboy), this is what I have come up with.  All help files are included with examples, but I will publish the help and examples over time.

Requirements


This module has been built on a Windows 2008 R2 platform and therefore the DFS functions will be based around the 2008 R2 version of DFSUTIL.  This is not to say that it is not compatible with anything earlier, it has just not been tested.
Installation and use

Download the zip file and extract to your modules folder. This can be found by running "explorer $pshome\modules" from a PowerShell console. To use, run "import-module Filesystem"

Command list and Help

To retrieve the list of commands and get help, as with all PowerShell functions and cmdlets use the built in get-command and get-help.

Get-command -module filesystem will list all the commands from the module

Get-help get-dfsroot -full will display the full help file

Included functions 

add-DFSlinkABEPermission
add-DFSLinkTarget
add-DFSRootTarget
Add-NTFSPermission
disable-DFSLinkTarget
disable-DFSrootABE
enable-DFSLinkTarget
enable-DFSrootABE
get-DFSLink
get-DFSlinkABEPermission
get-dfsroot
get-DFSRootABEStatus
get-shareConnection
new-DFSLink
new-DFSroot
new-FileShare
remove-DFSLink
remove-DFSlinkABEPermission
remove-DFSLinkTarget
remove-DFSRoottarget
Remove-NTFSPermission
set-ntfsInheritance
set-sharepermission
test-fileshare


Please let me know any feedback in the comments, and of course, test in a development environment before using in production.

The module can be downloaded here.

cheers

Adam

Comments

  1. Thanks. Just what I was looking for. Works nicely.

    ReplyDelete
  2. This is really really useful thank you. One comment though - it appears from my early testing that since you're picking up the $env:USERDOMAIN value and referencing it as $netbiosdomain, then using that as a reference on the "object" parameters for adding / removing NTFS permissions, you can't specify for example, the builtin\users group to act upon?

    ReplyDelete
  3. having said that, commenting out the $userdomain argument and its comma within the argumentlist parameter of the ntaccount class does the trick, just means you need to specify the domain as part of the -object parameter

    ReplyDelete
  4. thanks for the feedback. I will update the functions to allow for built in groups to be added.

    cheers

    ReplyDelete
  5. Me again - Following your lead, I've created equivalent DFSR functions to create replication groups, add members, add connections, add folders etc. Not quite as elegant as your DFSN / file services module but if you want the code to add to your module or to update and publish as you see fit, you're welcome to it, after all the work you saved me by making your module available.

    ReplyDelete
  6. Thank you, works very well, the only way I found to get a decent formatting when listing DFS targets. You might consider changing the module-name from filesystem to something more unique, I already had another module named filesystem, I suspect it is common.

    ReplyDelete
  7. What I've seen so far is awesome, however the get-dfslink cmdlet doesn't return the entire link name when it contains a space (I inherited it, and I'm not the senior SysAdmin...)
    Thank you,

    ReplyDelete
  8. Actually the Get-DFSLink cmdlet doesn't seem to like spaces either. It seems to be returning the correct information, but it throws a "You cannot call a method on a Null-Valued Expression" error for each space in the path, even when encased in single or double quotes.
    On the plus side, it is handling the ridiculous number of "&" characters like a champ (I have a single path with 4 '&' Characters)!

    ReplyDelete
  9. A minor thing, for anyone doing the wierd things I am, Get-DFSLink seems to return a Hash or Array for the Targets, which is fine, however, the 'State' Property of the Targets Noteproperty for a disabled Target is returned as "disbled" so, if like me you are filtering out disabled targets, make sure you are checking for "disbled". It might be good to note that I think I'm using Version .95 not .94

    ReplyDelete
  10. Thanks for the great feedback, I'll update in the next couple of days.

    ReplyDelete
  11. anon - where can we get the DFSr files you made?

    ReplyDelete
  12. Another big thank you for this useful module. Can I suggest you rename Process-FixedWidthText to Format-FixedWidthText to get rid of the unapproved verb warning.

    ReplyDelete
  13. Hopefully you are still active on this blog. I'm using your module, and I'm very happy so far, but I cannot figure out how to return, all the namespace server of a specific name space.

    Can you help ?

    ReplyDelete
    Replies
    1. Seems that you have found a bug....the get-dfsroot command should output the namespace servers in the targets attribute.

      Thanks for the feedback :)

      Delete

Post a Comment

Popular posts from this blog

Enable Powershell Remoting (WinRM) via Group Policy

I have been doing some testing on enabling WinRM via group policy, being that WinRM is the service that Powershell v2 sets up it remoting capabilities. Here are the GPO settings that you need to configure WinRM .... set the winrm service to auto start Computer Configuration \ Policies \ Windows Settings \ Security Settings \ System Services Windows Remote Management (WS-Management)  set Startup Mode to Automatic start the service incorporated in to the above - you may need a restart. create a winrm listener Computer Configuration / Policies / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service / Allow automatic configuration of listeners IPv4 filter: * * is listen on all addresses, or if you only want a particular IP address to respond use an iprange eg 10.1.1.1-10.1.1.254 - don't forget that this IP range has to be valid for all hosts that fall in the scope of the GPO you are creating.  You can use 10.1.1.1 -

Assigning Permissions - AGDLP

AGDLP It seems I have been mildly distracted away from the title of this blog site.   It does say AD Admin, but I seem to have been taken away by file system stuff.   I have to say, it has all been worthwhile, but it’s probably time I got back to the real heart of what I do. There are probably a million permission assigning advice pages, but I thought I would put another one out there after referring to AGDLP in my last post. So, what is this all about – AGDLP.   Well, it is something I learned in my MCSE 2003 studies and has become ingrained into my ideals since.   As a contractor, I get to move job often.   This enables me to forge opinions on how to configure things in a domain, and more importantly how NOT to configure things. AGDLP is definitely on the to do list…for anyone in any size domain or forest, as it follows some very basic principals.   I will explain these whilst I go through what AGDPL stands for. A A is for account.   It is the securit

PowerShell 3 behavioural change

It's taken me way too long to get into PowerShell 3, I guess opportunity hasn't shown it's self until now and so, here, my V3 journey begins. I was asked to debug a script that would run fine in PS v2 and not in v3.  The issue was a that a variable length was being checked and was failing in v3.  This is why... In v2 if a variable is undefined , this test returns false PS C:\windows\system32> $var.length -eq 0 False In v3 the same test returns true.... PS C:\windows\system32> $var.length -eq 0 True Not a biggie, but as in this case, a script has broken so something to consider! cheers Adam