2021/03/15 #Get-ACL の謎
皆様おはようございます、
#猫でもできるPowerShell(備忘録)
#Get-ACL の謎
PS C:\> get-item c:\intel |get-acl |fl
Path : Microsoft.PowerShell.Core\FileSystem::C:\intel
Owner : NT AUTHORITY\SYSTEM
Group : NT AUTHORITY\SYSTEM
Access : BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
BUILTIN\Users Allow ReadAndExecute, Synchronize
NT AUTHORITY\Authenticated Users Allow Modify, Synchronize
NT AUTHORITY\Authenticated Users Allow -536805376
Audit :
Sddl : O:SYG:SYD:AI(A;OICIID;FA;;;BA)(A;OICIID;FA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OIC
IIOID;SDGXGWGR;;;AU)
PS C:\> get-item c:\intel |get-acl |fl path,access
Path : Microsoft.PowerShell.Core\FileSystem::C:\intel
Access : {System.Security.AccessControl.FileSystemAccessRule,
System.Security.AccessControl.FileSystemAcces
sRule, System.Security.AccessControl.FileSystemAccessRule,
System.Security.AccessControl.FileSyste
mAccessRule...}
PS C:\> get-item c:\intel |get-acl |fl path,access,accesstostring
Path : Microsoft.PowerShell.Core\FileSystem::C:\intel
Access : {System.Security.AccessControl.FileSystemAccessRule,
System.Security.AccessControl.FileSys
temAccessRule,
System.Security.AccessControl.FileSystemAccessRule,
System.Security.AccessC
ontrol.FileSystemAccessRule...}
AccessToString : BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
BUILTIN\Users Allow ReadAndExecute, Synchronize
NT AUTHORITY\Authenticated Users Allow Modify, Synchronize
NT AUTHORITY\Authenticated Users Allow -536805376
Get-ACLの Access 属性だけを詳しく見ようと思い、
|FL path,access と投げたら変な文字に置き換わってしまいました
意味が判らず調べ上げたところ正式には AccessToString という
属性名のようです。
こういう勝手なラベル名の付け替えはやめてほしい・・
ではまた;