我想重新设计输出列脚本:
$FolderPath = Get-ChildItem -Directory -Path "C:\DRIVERS" -Recurse -Depth 2 -Force
$Output = @()
ForEach ($Folder in $FolderPath)
{
$Acl = Get-Acl -Path $Folder.FullName
ForEach ($Access in $Acl.Access)
{
$Properties = [ordered]@{'Folder Name'=$Folder.FullName;'Group/User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited;'Real name'=$Access.IdentityReference}
$Output += New-Object -TypeName PSObject -Property $Properties
}
}
$Output | Out-GridView
能够显示有权访问的用户的登录名,也可以在另一列中显示 AD 中的用户名称。我尝试过
-ExpandProperty Access | Select-Object @{n='User';e={ (Get-ADUser -Identity $_.IdentityReference.Value.Split("\")[1]).Name }}
但不太适合。
答案1
根据我的评论。这里有多种获取本地登录用户名的方法。
$env:UserName
[System.Environment]::UserName
[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
(Invoke-CimMethod -InputObject $(
Get-CimInstance Win32_Process -Filter "name = 'explorer.exe'"
) -MethodName GetOwner).User
(Get-WmiObject Win32_Process -Filter "name='explorer.exe'" |
Select Name, @{
Name = 'UserName'
Expression = {"$($PSItem.GetOwner().Domain)\$($PSItem.GetOwner().User)"}
}).UserName
(Get-Process -Name 'explorer' -IncludeUserName).UserName
(Get-WMIObject -ClassName Win32_ComputerSystem |
Select-Object -Property Username
).username
whoami