Skip to main content

Filesystem v 0.992

Just over a year after I published the first version of this module, and too many revisions to count later, I am fast approaching 1000 downloads!  This update takes the number of functions past 50 too!  Thanks to everyone who have given me great feedback! 

The latest release can be downloaded here. For more info on the module see here.


Bug Fix

removed the discovery error on load

Added Functions

get-sharePermission (not sure why it took so long for this one to appear)
get-NTFSBlockedInheritance - to compliment get-NTFSExplicitPermissions, this return the path of a folder if inheritance has been blocked

updated Function

get-NTFSExplicitPermissions - added an exclude parameter in the same way that get-NTFSPermission works

 Cheers

 Adam

Labels

Labels:

Comments

  1. AnonymousJanuary 11, 2013 at 8:29 AM

    Minor bug?

    When I create a new folder and share, and then add-ntfspermission, my script adds the permission, but the inherited permissions are not included.

    The only way I can get these to populate is either from a remote access to the folder to select the security tab, advanced, change permissions and select the "Replace all child permissions....etc" checkbox. Or on the server where the folder's been created, select the folder and when I get the prompt I don't have permissions..."continue?" Select continue and everything fine, permission entries are then populated.

    Regards

    Ian

    ReplyDelete
    Replies
    1. Adam StoneFebruary 16, 2013 at 9:31 AM

      can you post your code please? changing the names of anything important of course :) I'll try to emulate your issue

      cheers

      Delete
    2. AnonymousFebruary 20, 2013 at 9:22 AM

      Hi there

      Apologies, just seen your response.

      Unfortunately, I've changed the code somewhat and don't have the original. I believe, my workaround was to create the folder first using New-Item as per:-

      New-Item -Path \\server\d$\foldername -ItemType Directory
      Add-NTFSPermission -path \\server\groups\$folder -object $resourcename -Permission Modify | Out-Null
      New-FileShare -name $folder -server servername -path path | Out-Null

      Cheers

      Ian

      Delete

Post a Comment

Popular posts from this blog

Enable Powershell Remoting (WinRM) via Group Policy

I have been doing some testing on enabling WinRM via group policy, being that WinRM is the service that Powershell v2 sets up it remoting capabilities. Here are the GPO settings that you need to configure WinRM .... set the winrm service to auto start Computer Configuration \ Policies \ Windows Settings \ Security Settings \ System Services Windows Remote Management (WS-Management)  set Startup Mode to Automatic start the service incorporated in to the above - you may need a restart. create a winrm listener Computer Configuration / Policies / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service / Allow automatic configuration of listeners IPv4 filter: * * is listen on all addresses, or if you only want a particular IP address to respond use an iprange eg 10.1.1.1-10.1.1.254 - don't forget that this IP range has to be valid for all hosts that fall in the scope of the GPO you are creating.  You can use 1...
2 comments
Read more

Finding out what 'SearchFlags' are set on you AD attributes

Whilst doing some research into indexed attributes, I posted this  a while back on how to find your index attributes.  Since then, I have looked a little deeper into what indexing really means and found this excellent explanation on the numbers that can be found in the searchflags attribute of a schema object. Using Florian’s reference, I built the following script (which is both powershell v1 and v2 compatible) to get the schema attributes from the forest schema and return (among other things) the breakdown of your attributes search flags. $forest = [System.DirectoryServices.ActiveDirectory.forest]::getcurrentforest() $schema = [ADSI]('LDAP://CN=Schema,CN=Configuration,dc=' + ($($forest).name -replace "[.]",",dc=")) $attributes = $schema.psbase.children | where {$_.objectClass -eq "attributeSchema"} $collection = @() foreach ($attr in $attributes){ $store = "" | select "Name","lDAPDisplayName","singlev...
2 comments
Read more

Assigning Permissions - AGDLP

AGDLP It seems I have been mildly distracted away from the title of this blog site.   It does say AD Admin, but I seem to have been taken away by file system stuff.   I have to say, it has all been worthwhile, but it’s probably time I got back to the real heart of what I do. There are probably a million permission assigning advice pages, but I thought I would put another one out there after referring to AGDLP in my last post. So, what is this all about – AGDLP.   Well, it is something I learned in my MCSE 2003 studies and has become ingrained into my ideals since.   As a contractor, I get to move job often.   This enables me to forge opinions on how to configure things in a domain, and more importantly how NOT to configure things. AGDLP is definitely on the to do list…for anyone in any size domain or forest, as it follows some very basic principals.   I will explain these whilst I go through what AGDPL stands for. A A is for...
2 comments
Read more