# Start from a clean session: drop every variable and loaded module, reset $Error, clear the screen.
Remove-Variable * -ErrorAction SilentlyContinue
Remove-Module *
$Error.Clear()
Clear-Host

# Script configuration, read by every function below.
$Domain = "MyDomain"        # NetBIOS domain name used to build "$Domain\<user>" identities
$RootFSPath = "G:\users3"   # share holding one home folder per account; folder name = sAMAccountName
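Function GetFolderACL([string]$User, [bool]$Recursive)
{
    #######################################
    # Reports every ACE on the user's home folder that is not part of the expected baseline:
    #   $Domain\$User            -> Modify, Synchronize
    #   NT AUTHORITY\SYSTEM      -> FullControl
    #   BUILTIN\Administrators   -> FullControl
    #   $Domain\Domain Admins    -> FullControl
    # Globals:   $RootFSPath, $Domain (read)
    # Arguments: $User      - sAMAccountName; the folder is "$RootFSPath\$User"
    #            $Recursive - also inspect every descendant (files included, as the original enumerated)
    # Outputs:   one host line per unexpected ACE: path, identity, rights
    # Returns:   nothing
    #######################################
    $filePath = "$RootFSPath\$User"

    $expectedRights = @{
        "$Domain\$User"          = "Modify, Synchronize"
        "NT AUTHORITY\SYSTEM"    = "FullControl"
        "BUILTIN\Administrators" = "FullControl"
        "$Domain\Domain Admins"  = "FullControl"
    }

    # The folder itself is always inspected (the original did nothing when $Recursive was $false).
    $paths = @($filePath)
    if ($Recursive -eq $True)
    {
        $children = @(Get-ChildItem $filePath -Recurse | ForEach-Object { $_.FullName })
        $paths += $children
    }

    foreach ($path in $paths)
    {
        # Read each item's own ACL; the original compared the parent's ACL for every child.
        $acl = Get-Acl -Path $path
        foreach ($access in $acl.Access)
        {
            $id = $access.IdentityReference.Value
            $rights = $access.FileSystemRights
            if ($expectedRights.ContainsKey($id) -and $rights -eq $expectedRights[$id])
            {
                continue
            }
            Write-Host $path.PadRight(15) $id $rights
        }
    }
}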
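Function GetFolderACLRecursive([string]$filePath, [string]$User, [bool]$Recursive)
{
    #######################################
    # Verifies that $filePath carries the expected baseline ACL for $User:
    #   $Domain\$User            -> Modify, Synchronize
    #   NT AUTHORITY\SYSTEM      -> FullControl
    #   BUILTIN\Administrators   -> FullControl
    #   $Domain\Domain Admins    -> FullControl
    # Every other ACE, and every missing baseline entry, is written to the host.
    # Globals:     $RootFSPath, $Domain (read)
    # Arguments:   $filePath  - folder to check
    #              $User      - sAMAccountName the folder belongs to
    #              $Recursive - also check every sub-folder for the same $User
    # Side effect: when $User has no AD account, $filePath is deleted (as in the original),
    #              but only when it lies strictly below $RootFSPath.
    # Returns:     $true when the baseline is complete on $filePath and on all checked
    #              sub-folders, $false otherwise. The original returned nothing on success;
    #              callers compare -eq $false, and $null -eq $false is false, so $true is compatible.
    #######################################
    $expectedRights = @{
        "$Domain\$User"          = "Modify, Synchronize"
        "NT AUTHORITY\SYSTEM"    = "FullControl"
        "BUILTIN\Administrators" = "FullControl"
        "$Domain\Domain Admins"  = "FullControl"
    }

    # Resolve the account once, before touching any sub-folder. The original searched for
    # $folder (a loop variable leaking in from the caller) instead of $User, so in recursive
    # mode each sub-folder name was looked up as an account and deleted when none existed.
    # Escape LDAP filter metacharacters (RFC 4515) so a folder name cannot alter the filter.
    $ldapValue = $User -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29' -replace "`0", '\00'
    $Searcher = [ADSISearcher]"(sAMAccountName=$ldapValue)"
    $Results = $Searcher.FindOne()
    if ($null -eq $Results)
    {
        # Delete only something strictly below the root share, never the root itself
        # (the original compared against "$RootFSPath\" only).
        $root = $RootFSPath.TrimEnd('\')
        $target = $filePath.TrimEnd('\')
        if ($target -ne $root -and $target.StartsWith("$root\", [System.StringComparison]::OrdinalIgnoreCase))
        {
            Write-Host "$User does not exist in AD, $filePath can be deleted... Deleting"
            # The original spelled the parameters with en-dashes (–path, –recurse), which
            # PowerShell does not parse as parameter names.
            Remove-Item -Path $filePath -Recurse -Force
        }
        # Nothing was verified; callers re-check AD before changing any ACL.
        return $false
    }

    $childrenOk = $true
    if ($Recursive -eq $True)
    {
        # The original recursed with ($folder.PSPath, $true), so $User became "True" and
        # $Recursive was unset. -Recurse already yields every descendant, so each child is
        # checked non-recursively and its result folded into the return value.
        foreach ($folder in (Get-ChildItem $filePath -Recurse -Directory))
        {
            if ((GetFolderACLRecursive $folder.FullName $User $false) -eq $false)
            {
                $childrenOk = $false
            }
        }
    }

    $found = @{}
    $acl = Get-Acl -Path $filePath
    foreach ($access in $acl.Access)
    {
        $id = $access.IdentityReference.Value
        $rights = $access.FileSystemRights
        if ($expectedRights.ContainsKey($id) -and $rights -eq $expectedRights[$id])
        {
            $found[$id] = $true
            continue
        }
        # Entries outside the baseline are reported, never removed here.
        Write-Host $filePath.PadRight(15) $id $rights
    }

    if (-not $found["NT AUTHORITY\SYSTEM"])
    {
        Write-Host "Missing System Permission to $filePath"
    }
    if (-not $found["BUILTIN\Administrators"])
    {
        Write-Host "Missing Admin Permission to $filePath"
    }
    if (-not $found["$Domain\Domain Admins"])
    {
        Write-Host "Missing DominAdmin Permission to $filePath"
    }
    if (-not $found["$Domain\$User"])
    {
        Write-Host "Missing User Permission to $filePath"
    }

    # The original wrote ($DomainAdminPerm = $false) — an assignment — in this condition, so a
    # missing Domain Admins entry never produced a $false result.
    $ok = $childrenOk
    foreach ($id in $expectedRights.Keys)
    {
        if (-not $found[$id])
        {
            $ok = $false
        }
    }
    return $ok
}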
Function SetFolderACL([string]$User, [bool]$Recursive, [bool]$EnableInheritance, [bool]$DisableInheritance)
{
#######################################
# Rewrites the ACL of the user's home folder and, when $Recursive, of everything beneath it,
# and finally grants $Domain\$User an inheritable Modify entry on the home folder.
# Globals:   $RootFSPath, $Domain (read)
# Arguments: $User               - sAMAccountName; the folder is "$RootFSPath\$User"
#            $Recursive          - also process every descendant (files included; -Directory is commented out)
#            $EnableInheritance  - unprotect the DACL so entries inherit from the parent again
#            $DisableInheritance - protect the DACL (inherited entries copied as explicit, then removed)
# Outputs:   each descendant path on the host
# Returns:   nothing
# Note: the main loop calls this twice per folder, first with $DisableInheritance and then with
# $EnableInheritance. After the first call a descendant has inheritance blocked and no explicit
# entries left (protect + remove below), which the second call repairs by re-enabling inheritance.
#######################################
$filePath = "$RootFSPath\$User"
$filePathacl = Get-Acl -Path $filePath
if ($EnableInheritance -eq $True) #Enable pass on the parent: drop its explicit entries, then let it inherit again.
{
foreach ($access in $filePathacl.Access)
{
#RemoveAccessRule only affects explicit (non-inherited) entries; inherited ones are untouched.
$filePathacl.RemoveAccessRule($access)
}
$filePathacl.SetAccessRuleProtection($false,$false) #isProtected=$false: inherit from the parent again
Set-Acl -Path $filePath -AclObject $filePathacl
}
if ($Recursive -eq $True)
{
$folders = Get-ChildItem $filePath -Recurse #-Directory (commented out: files are processed as well)
foreach ($folder in $folders)
{
$acl = Get-Acl -Path $folder.FullName
Write-Host $folder.FullName
if ($EnableInheritance -eq $True)
{
$acl.SetAccessRuleProtection($false,$false) #re-enable inheritance on the descendant
Set-Acl -Path $folder.FullName -AclObject $acl
}
if ($DisableInheritance -eq $True)
{
$acl.SetAccessRuleProtection($true,$true) #block inheritance; preserve=$true copies inherited entries as explicit
Set-Acl -Path $folder.FullName -AclObject $acl
}
#Remove every explicit entry. Combined with the protect step above this leaves the item with no
#entries at all until the enable pass runs; with inheritance enabled it simply relies on the parent.
foreach ($access in $acl.Access) {
$acl.RemoveAccessRule($access)
}
Set-Acl -Path $folder.FullName -AclObject $acl
}
}
if ($DisableInheritance -eq $True) #Disable pass on the parent, done last so descendants were processed while it still inherited.
{
$filePathacl = Get-Acl -Path $filePath
$filePathacl.SetAccessRuleProtection($true,$true) #block inheritance, copying inherited entries as explicit
foreach ($access in $filePathacl.Access)
{
#Drop the copied entries as well; only the Modify grant added below remains after this pass.
$filePathacl.RemoveAccessRule($access)
}
Set-Acl -Path $filePath -AclObject $filePathacl
}
#Always (re)grant the owner Modify on the home folder, inheriting to sub-folders and files.
$acl = Get-Acl -Path $filePath
$permission = "$Domain\$user", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow"
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
$acl.SetAccessRule($accessRule)
$acl | Set-Acl $filepath
}
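Function SetStrightFolderACL([string]$User, [bool]$Recursive, [bool]$EnableInheritance, [bool]$DisableInheritance)
{
    #######################################
    # Grants $Domain\$User Modify (inheriting to sub-folders and files) on the user's home
    # folder without changing inheritance or any other entry.
    # Globals:   $RootFSPath, $Domain (read)
    # Arguments: $User - sAMAccountName; the folder is "$RootFSPath\$User"
    #            $Recursive, $EnableInheritance, $DisableInheritance - accepted for
    #            call-compatibility with SetFolderACL; not used here.
    # Outputs:   the target path on the host (the original printed the caller's $folder variable,
    #            which this function never receives).
    # Returns:   nothing
    #######################################
    $filePath = "$RootFSPath\$User"
    Write-Host $filePath
    $acl = Get-Acl -Path $filePath
    $permission = "$Domain\$User", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow"
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
    # SetAccessRule replaces existing explicit Allow entries for this identity rather than adding a duplicate.
    $acl.SetAccessRule($accessRule)
    $acl | Set-Acl $filePath
}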
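#######################################
# Entry point: for every home folder directly under $RootFSPath, verify the baseline ACL and,
# when it is incomplete and the owner still exists in AD, rebuild it: block inheritance first,
# then re-enable it. Folders whose name has no AD account are removed by GetFolderACLRecursive.
#######################################
# -Directory: only folders are home directories. The original had no filter, so stray files
# at the root were also looked up as accounts and fed into the delete path.
$folders = Get-ChildItem "$RootFSPath" -Directory
foreach ($folder in $folders)
{
    # Use .Name/.FullName explicitly: "$folder" stringifies differently across PowerShell
    # versions (name vs. full path), and the original relied on it for both the path and the account.
    $result = GetFolderACLRecursive $folder.FullName $folder.Name $false
    if ($result -eq $false)
    {
        # Re-confirm the account before changing anything; escape LDAP filter metacharacters (RFC 4515).
        $ldapName = $folder.Name -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29' -replace "`0", '\00'
        $Searcher = [ADSISearcher]"(sAMAccountName=$ldapName)"
        $Results = $Searcher.FindOne()
        if ($null -ne $Results)
        {
            SetFolderACL $folder.Name $true $false $True #remove inheritance
            SetFolderACL $folder.Name $true $true $false #enable inheritance
        }
        # No AD account: nothing to repair here.
    }
}
exit
# Manual one-off invocations kept from the original. They are unreachable after 'exit' and
# reference $user, which this script never sets.
#SetFolderACL $user $true $false $True #remove inheritance
#SetFolderACL $user $true $true $false #enable inheritance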