I have a few lines that are broken and I want those lines to be moved up to the prior line
I need help to fix this file text
Source:
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\Ser
vice_Legal
Access : BUILTIN\Administrators Allow FullControl
MLIDDOMAIN1\Domain Admins Allow FullControl
MLIDDOMAIN1\acl_corp_gs_legal Allow Modify, Synchronize
-----------------------
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\balco
Access : Everyone Allow FullControl
Everyone Allow 268435456
-----------------------
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\BCDRP
lanning
Access : Everyone Allow FullControl
Everyone Allow 268435456
-----------------------
Expected result:
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\Service_Legal
Access : BUILTIN\Administrators Allow FullControl
-----------------------
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\balco
Access : Everyone Allow FullControl
Everyone Allow 268435456
-----------------------
Path : Microsoft.PowerShell.Core\FileSystem::\\eiesc1\BCDRPlanning
Access : Everyone Allow FullControl
Everyone Allow 268435456
-----------------------
I only was able to run awk "/Path/{a=1;next}/Access/{a=0}a" to find which are the lines that are broken, but I do not know how to move those lines up.
sed '/^Path/{N;s/\n //;}'
You want to hold off on printing your Path lines until you've seen the next line and if the next line isn't an Access line then you want to print the two lines together.
Something like:
/Path/ {
a=$0
next
}
a && !/Access/ {
gsub(/^ */, "")
printf "%s",a
print
a=""
next
}
1
Related
I can't figure out why, when running the following script, the second "write-output" does not appear in the transcript file ???
start-transcript -Path "c:\temp\test_transcript.txt" -Append;
$acl = Get-Acl "c:\temp";
$acl | Format-Table -Wrap;
Write-Output "1) A very simple message BEFORE new-item.";
New-Item -Path "C:\temp" -Name "test_file_$(get-date -f "yyyyMMdd_HHmmss").txt" -ItemType File -Verbose -ErrorAction Stop;
#Why is th second message not included int the transcript log file ???
Write-Output "2) A very simple message AFTER new-item.";
Stop-Transcript;
Here is what I get in the transcript file :
transcript file content
Does someone have an explanation for this ?
TRANSCRIPT FILE :
Transcription démarrée, le fichier de sortie est c:\temp\test_transcript.txt
Répertoire : C:\
Path Owner Access
---- ----- ------ temp MyDomain\MyUser BUILTIN\XXX Allow FullControl
AUTORITE NT\XXX Allow FullControl
BUILTIN\XXX Allow ReadAndExecute, Synchronize
AUTORITE NT\XXX authentifiés Allow Modify, Synchronize
1) A very simple message BEFORE new-item.
EN CLAIR : Opération « Créer un fichier » en cours sur la cible « Destination : C:\temp\test_file_20230109_124005.txt ».
**********************
Fin de la transcription Windows PowerShell
Heure de fin : 20230109124005
**********************
CONSOLE :
Transcription démarrée, le fichier de sortie est c:\temp\test_transcript.txt
Répertoire : C:\
Path Owner Access
---- ----- ------
temp MyDomain\MyUser BUILTIN\XXX Allow FullControl
AUTORITE NT\XXX Allow FullControl
BUILTIN\XXX Allow ReadAndExecute, Synchronize
AUTORITE NT\XXX authentifiés Allow Modify, Synchronize
1) A very simple message BEFORE new-item.
EN CLAIR : Opération « Créer un fichier » en cours sur la cible « Destination : C:\temp\test_file_20230109_124005.txt ».
Répertoire : C:\temp
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 09/01/2023 12:40 0 test_file_20230109_124005.txt
2) A very simple message AFTER new-item.
Transcription arrêtée, le fichier de sortie est C:\temp\test_transcript.txt
Building on the helpful comments:
tl;dr
You're seeing a bug (though it isn't classified as such) that is one of several manifestations of asynchronous behavior when PowerShell implicitly applies Format-Table for-display formatting.
Workarounds, all suboptimal, unfortunately:
Per-command [cumbersome, error-prone]: Use a Format-* cmdlet explicitly with any call that normally results in table formatting by default in order to force synchronous output; in your case, place | Format-Table after your New-Item call.
Note:
Using Format-Table prevents you from capturing a command's output as data, when you try to assign to a variable or process the output further in a pipeline, because what the Format-* cmdlets emit are formatting instructions, not data.
Script-wide [introduces a 300-msec delay]: As you've discovered, inserting a Start-Sleep at the end helps, under the following conditions:
The script must end with a command that synchronously outputs to the success output stream (i.e. it must not be implicitly table-formatted), notably by outputting a string, such as in your Write-Output "2) A very simple message AFTER new-item." call. (Note that you may omit Write-Output to take advantage of PowerShell's implicit output behavior).
Start-Sleep -MilliSeconds 300 must be placed immediately before it, which forces the following synchronous output to also render the pending asynchronous output.
However, due to another design limitation in PowerShell's for-display output-formatting system that is separate from the asynchronous behavior (note that neither is specific to Start-Transcript use, but the latter manifests in a way that is specific to that cmdlet) there is general pitfall if you don't use Format-Table calls explicitly:
If the first implicitly table-formatted statement in a script uses no predefined formatting-data, it locks in the display columns for all subsequent implicitly table-formatted statements, which can make the latters' output effectively invisible - see this answer.
Per-command Format-Table calls avoid this problem (while also forcing synchronous output), at the expense of not outputting data, as noted above.
A simplified example:
Start-Transcript t.txt
# This triggers *implicit* Format-Table output that is *asynchronous*,
# due to the output object having 4 or fewer properties and
# its type not having formatting-data associated with, as with the
# Get-Acl output in your question.
# NOTE:
# * Curiously, the asynchronous behavior is also triggered in this case
# if you append | Format-Table, but only affects SUBSEQUENT
# implicitly table-formatted statements, including those whose
# output types DO have formatting-data.
[pscustomobject] #{ Foo = 'Bar' }
# WORKAROUND:
# Sleep for 300 msecs., then output *synchronously* to the success output stream.
# This forces pending asynchronous table output to print.
Start-Sleep -Milliseconds 300
"==== Done."
Stop-Transcript
You're seeing another manifestation of the infamous 300-msec. delay that occurs when Format-Table formatting is implicitly applied to output that goes to the display - see this answer for details.
While the typical manifestation is that output appears out of order (across different output streams), in your case information is lost, which is obviously a more serious problem. Data loss can also occur with the PowerShell CLI. See the GitHub issues below.
Relevant GitHub issues:
GitHub issue #10994: the problem at hand (Start-Transcript-related).
The unfortunate conclusion appears to be that this will not be fixed.
GitHub issue #4594: discussion of the surprising asynchronous behavior in general (output appearing out of order).
GitHub issue #13985: potential data loss when using the CLI.
I am looking into recreating the same results as the the Get-NTFSEffectiveAccess cmdlet provided in the NTFSSecurity module. Unfortunately, I need to re-invent the wheel using just PowerShell (as it's the only thing I know).
For the most part, I feel like I'm on the right track with my code:
$Path = "\\MyFile\Share\Path"
$User = 'Abe'
$ADUC = #(Get-ADUser -Identity $User -Properties DisplayName)
$ACL = Get-Acl -Path $Path
$Groups = $ACL.Access.IdentityReference.Where{$_ -notmatch "BUILTIN"} -replace "AREA52\\",""
foreach ($Group in $Groups) {
if ($ADUC.DistinguishedName -in $((Get-ADGroup -Identity $Group -Properties members).members)) {
[array]$ACL.Access.Where{ $_.IdentityReference -match $Group } |
Select-Object -Property #{
Name = 'DisplayName';
Expression = {
$ADUC.DisplayName
}
},#{
Name = 'GroupName';
Expression = {
$Group
}
}, FileSystemRights, AccessControlType
}
else {
#$ADUC.DisplayName + " not in " + $Group
}
}
. . .but, I am stuck. Stuck in regards to the logic should be. So i'm trying to do the following:
Compare the Groups that the user is in, to one another, to determine what actual rights they have.
The biggest issue, is probably this. We manage folder permissions by groups, and do not add the users directly to the folder witch specific rights.
I am also trying to list if the the groups (users) permission is applies to the current folder, or to the sub-directories as well
Just like the output of Get-NTFSEffectiveAccess.
Example:
Account Access Rights Applies to Type IsInherited Group
------- ------------- ---------- ---- ----------- -----
Abraham Read ThisFolderSubfoldersAndFiles Allow False Grp1
Jrose Read ThisFolderSubfoldersAndFiles Allow False Grp1
QUESTION: Is there a certain way I could compare the groups the user is in to one another, and get the Dominant access to that folder; like in windows Effective Permissions function?
Reasons on why I'd like to re-invent the wheel:
Environment I work in is very strict on modules that are installed on computers and unfortunately, the NTFSSecurity module, is not allowed.
Why not? Trying to become more edumecated:)
Been googling and looking at articles all day with one question on Experts Exchange that had a similar question, but. . . i'm not going to pay for that. haha
Would like to mention that this isn't a task, but a problem as I just can't understand the proper logic to go by here to get this done. Mentioned my both goals, but only asked for assistance with one problem as it may come off as unfair.
For auditing purposes we're doing a whatif scenario to analyse whether decreasing the length we store a mailbox for will impact the amount of data that is stored on an account that are currently in our litigation hold (soft-deleted mailboxes). In order to do that, I need to access the mailboxes using the search-mailboxes function. I am able to do this on existing mailboxes (as shown in the code below) but the same code (and variations of the paramaters) don't seem to make a difference.
An example on an existing mailbox. I am interested in the resultItemSize. I have comfirmed with the user that this is moderately accurate.
WARNING: Search-Mailbox is being dep
recated. Please use New-ComplianceSearch and related eDiscovery commands instead.
WARNING: The Search-Mailbox cmdlet returns up to 10000 results per mailbox if a search query is specified. To return more than 10000 results, use the New-MailboxSearch cmdlet or the
In-Place eDiscovery & Hold console in the Exchange Administration Center.
Output from console. This is the input I want.
Identity : Foo
TargetMailbox :
Success : True
TargetFolder :
ResultItemsCount : 3471
ResultItemsSize : 224.1 MB (235,013,064 bytes)
When attempting on a non-active user account. Note the litigation hold users have been confirmed to be in our system and I've taken a subset of them and stored them in a separate CSV. Currently, i'm running a forloop.
$value = Get-Mailbox -identity $i.Alias -InactiveMailboxOnly | search-mailbox -SearchQuery "received<=$((get-date).addyears(-1).toString("yyyy-MM-ddTHH:mm:ssZ"))" -IncludeUnsearchableItems -Verbose
Output from console:
The target mailbox or .pst file path is required.
+ CategoryInfo : InvalidArgument: (:) [], ArgumentException
+ FullyQualifiedErrorId : [Server=VI1P180MB0000,RequestId=8535af1d-a9ce-48a8-ab5f-Abcdef,TimeStamp=23/09/2019 07:10:17] [FailureCategory=Cmdlet-ArgumentException] 4B34FFB
E
+ PSComputerName : outlook.office365.com
I ran the two values separately to see where the error flags up which occurs at the search-mailbox size. If anyone has overcome this particular issue, I'd appreciate any help. Thanks!
To those in the future looking for the answer, the solution:
$user = $i.Alias
$value = Get-Mailbox -identity $user -InactiveMailboxOnly | Search-Mailbox -SearchQuery "received <= $((get-date).AddYears(-7).ToString("yyyy-MM-dd")) AND sent <= $((get-date).AddYears(-7).ToString("yyyy-MM-dd"))" -EstimateResultOnly
I need to show all the domain\username|groupname of everyone who is allowed access to a particular folder to feed into another command (I'll be removing access for all users and setting new user rights), is there anyway to format a list that returns just this parameter? I know it's probably some combination of select-object and format-list, but I'm not sure exactly what I'm looking for.
You can retrieve that from the IdentityReference property of the Access property of get-acl. Here's an example from my user folder:
PS C:\> $users = #((get-acl 'C:\users\myUser').Access |
Select-Object -ExpandProperty IdentityReference)
PS C:\> $users
Value
-----
NT AUTHORITY\SYSTEM
BUILTIN\Administrators
DOMAIN\myUser
The objects returned in the collection are of the type NTAccount.
I have a directory with a simple ACL:
The Get-Acl . | Format-List command outputs the following
Path : Microsoft.PowerShell.Core\FileSystem::mypath
Owner : BUILTIN\Administrateurs
Group : AD\Utilisateurs du domaine
Access : AD\GL_test_RW Allow Modify, Synchronize
AD\GL_test_RO Allow ReadAndExecute, Synchronize
If I rename the groups GL_test* with the rename-adobject command, and I if re-run Get-Acl, the group names are not updated !
The SID of the groups, however, are correctly translated if I do something like:
$acl.access[0].IdentityReference.Translate([Security.Principal.SecurityIdentifier]).Value
But if I translate it back to a name, the old group names are returned !
How can I force Get-Acl to return the correct and new group names ?
How long after you made that change did you re-check that ACL? Are you sure this isn't just replication latency between DC's and it will clear up as soon as all the replicas get in sync?
I got the same problem today.
Get-Acl is displaying the "samaccountname" of groups instead of "name".
But other cmdlet such as "Get-AdPrincipalGroupMembership" display the "name" of groups.
I figured that i had some groups with their "samaccountname" different than their "name".
Get-AdGroup -filter * | Where-Object {$_.name -ne $_.samaccountname} | format-table name, samaccountname}
I know this question is 2years old but think my answer can be usefull.
P-S: excuse my poor english...