From 2b254f909f2b2eaf102ef1fe6f00f3af0ea4666a Mon Sep 17 00:00:00 2001 From: Horacio Fernandez Date: Fri, 16 Jan 2015 12:26:59 -0600 Subject: [PATCH] Update 20150108 --- ...hellAccessControl_cAccessControlEntry.psm1 | Bin 19208 -> 20106 bytes ...hellAccessControl_cSecurityDescriptor.psm1 | Bin 25056 -> 25198 bytes PowerShellAccessControl.psd1 | Bin 7666 -> 7666 bytes PowerShellAccessControl.psm1 | 25 +++++++++++------- 4 files changed, 15 insertions(+), 10 deletions(-) diff --git a/DSCResources/PowerShellAccessControl_cAccessControlEntry/PowerShellAccessControl_cAccessControlEntry.psm1 b/DSCResources/PowerShellAccessControl_cAccessControlEntry/PowerShellAccessControl_cAccessControlEntry.psm1 index 95721f497f61b8589eb43736fa4e13a08f7e4b3e..d3e40e383d95030e8a758af10ddc7193c1c056bf 100644 GIT binary patch delta 345 zcmeB}#@IENal;kQ$u~53CfgYcOfE3vnH-_5G1B@d0%U!08D#Qj`5W oI41LP^GJdM16iLN&?AWq=?uk_1%Y-p*l1O#Tvw12P9P(ApGLV3$3*$zfcL9Jk5fS c(Q)!ce$C0hq9kngi00zGr_5c6? delta 32 ocmaENgz>>)#tko2Ci|!cu{ts&Go((oS8<RiX#fBK diff --git a/PowerShellAccessControl.psd1 b/PowerShellAccessControl.psd1 index 2424d2256c37b2d8992ee4dc269d1060f841a61b..7e49504005ad1a4ed3414a72eb58ab3ac582dd40 100644 GIT binary patch delta 30 icmexl{mFVm4WpnjgC2tsg8_pfgDIFa*xbvQDgyw5K?fB8 delta 30 kcmexl{mFVm4WpnTgC2tsg8_pfg9(r{XE5B{%a|$y0D?aU82|tP diff --git a/PowerShellAccessControl.psm1 b/PowerShellAccessControl.psm1 index 0c3e4cb..58a2387 100644 --- a/PowerShellAccessControl.psm1 +++ b/PowerShellAccessControl.psm1 @@ -997,19 +997,23 @@ function New-AdaptedSecurityDescriptor { } | Add-Member -MemberType ScriptProperty -Name AccessPresent -PassThru -Value { $this.SecurityDescriptor.ControlFlags -match "DiscretionaryAcl" } | Add-Member -MemberType ScriptProperty -Name Access -PassThru -Value { - $this | Get-AccessControlEntry -AceType AccessAllowed, AccessDenied + "Use Get-AccessControlEntry" +# $this | Get-AccessControlEntry -AceType AccessAllowed, AccessDenied } | Add-Member -MemberType ScriptProperty -Name Owner -PassThru -Value { $this | GetPrincipalString -IdentityReference $this.SecurityDescriptor.Owner } | Add-Member -MemberType ScriptProperty -Name Group -PassThru -Value { $this | GetPrincipalString -IdentityReference $this.SecurityDescriptor.Group } | Add-Member -MemberType ScriptProperty -Name AccessToString -PassThru -Value { - $this | Get-AccessControlEntry -AceType AccessAllowed, AccessDenied | Convert-AclToString -DefaultAppliesTo (GetDefaultAppliesTo -IsContainer:$this.SecurityDescriptor.IsContainer -AccessMaskEnumeration $this.GetAccessMaskEnumeration()) + "Use Get-AccessControlEntry" +# $this | Get-AccessControlEntry -AceType AccessAllowed, AccessDenied | Convert-AclToString -DefaultAppliesTo (GetDefaultAppliesTo -IsContainer:$this.SecurityDescriptor.IsContainer -AccessMaskEnumeration $this.GetAccessMaskEnumeration()) } | Add-Member -MemberType ScriptProperty -Name AuditPresent -PassThru -Value { $this.SecurityDescriptor.ControlFlags -match "SystemAcl" } | Add-Member -MemberType ScriptProperty -Name Audit -PassThru -Value { - $this | Get-AccessControlEntry -AceType SystemAudit + "Use Get-AccessControlEntry" +# $this | Get-AccessControlEntry -AceType SystemAudit } | Add-Member -MemberType ScriptProperty -Name AuditToString -PassThru -Value { - $this | Get-AccessControlEntry -AceType SystemAudit | Convert-AclToString -DefaultAppliesTo (GetDefaultAppliesTo -IsContainer:$this.SecurityDescriptor.IsContainer -AccessMaskEnumeration $this.GetAccessMaskEnumeration()) + "Use Get-AccessControlEntry" +# $this | Get-AccessControlEntry -AceType SystemAudit | Convert-AclToString -DefaultAppliesTo (GetDefaultAppliesTo -IsContainer:$this.SecurityDescriptor.IsContainer -AccessMaskEnumeration $this.GetAccessMaskEnumeration()) } | Add-Member -MemberType ScriptMethod -Name RemoveAccessRule -PassThru -Value { param( $Rule @@ -1296,8 +1300,9 @@ function New-AdaptedSecurityDescriptor { Add-Member -MemberType ScriptProperty -Name HasGroupChanged -PassThru -Value { -not ($this.OriginalGroup -eq $this.SecurityDescriptor.Group) } | Add-Member -MemberType ScriptProperty -Name MandatoryIntegrityLabel -PassThru -Value { - Get-MandatoryIntegrityLabel -Path $this.SdPath -ObjectType $this.ObjectType | - Add-Member -MemberType ScriptMethod -Name ToString -Force -PassThru -Value { "{0} ({1})" -f $this.Principal, $this.AccessMaskDisplay } + "Use Get-MandatoryIntegrityLabel" +# Get-MandatoryIntegrityLabel -Path $this.SdPath -ObjectType $this.ObjectType | +# Add-Member -MemberType ScriptMethod -Name ToString -Force -PassThru -Value { "{0} ({1})" -f $this.Principal, $this.AccessMaskDisplay } } | Add-Member -MemberType ScriptMethod -Name GetAceCsv -PassThru -Value { param( [char] $Delimiter = "," @@ -2304,11 +2309,11 @@ or -Force flags with the {1} command. } } } - - $ActionTextSecInfo = 0 - if ($DiscretionaryAcl) { $ActionTextSecInfo = $ActionTextSecInfo -bor [PowerShellAccessControl.PInvoke.SecurityInformation]::ProtectedDacl } - if ($SystemAcl) { $ActionTextSecInfo = $ActionTextSecInfo -bor [PowerShellAccessControl.PInvoke.SecurityInformation]::ProtectedSacl } } + + $ActionTextSecInfo = 0 + if ($DiscretionaryAcl) { $ActionTextSecInfo = $ActionTextSecInfo -bor [PowerShellAccessControl.PInvoke.SecurityInformation]::UnprotectedDacl } + if ($SystemAcl) { $ActionTextSecInfo = $ActionTextSecInfo -bor [PowerShellAccessControl.PInvoke.SecurityInformation]::UnprotectedSacl } } process {