Last active
November 21, 2020 12:37
-
-
Save ikubaku/1fff51ae6c66dffe657758a09a57f285 to your computer and use it in GitHub Desktop.
不明なアカウントから所有権とアクセス制御を奪い取るPowerShellスクリプト
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[String]$sid = "<Fill in the old SID here>" | |
[String]$newuser = "<Fill in the new username here(domain\user)>" | |
$path = Get-ChildItem "<Fill in the directory to perform operation(note that the directory specified here will not be modified)>" -Recurse | |
foreach($file in $path) { | |
$acl = Get-Acl -LiteralPath $file.FullName | |
if($acl.Owner -eq "O:$sid") { | |
foreach($acc in $acl.access) { | |
if($acc.IdentityReference.Value -match $sid) { | |
$newacc = New-Object System.Security.AccessControl.FileSystemAccessRule($newuser, @($acc.FileSystemRights), @($acc.InheritanceFlags), @($acc.PropagationFlags), @($acc.AccessControlType)) | |
$acl.RemoveAccessRule($acc) | Out-Null | |
$acl.AddAccessRule($newacc) | Out-Null | |
Set-Acl -LiteralPath $file.FullName -AclObject $acl -ErrorAction Stop | |
Write-Host "Migrating AccessControl information for file $file" | |
} | |
} | |
$ntaccount = New-Object System.Security.Principal.NTAccount($newuser) | |
$acl.SetOwner($ntaccount) | |
Set-Acl -LiteralPath $file.FullName -AclObject $acl -ErrorAction Stop | |
Write-Host "chown orphaned $sid => $newuser for file $file" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment