NTFSSecurity.types.ps1xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
<?xml version="1.0" encoding="utf-8" ?>
<Types xmlns="http://schemas.microsoft.com/PowerShell/TypeData/2007/04">
  <!--<Types>-->
  <Type>
    <Name>System.IO.FileInfo</Name>
    <Members>
      <ScriptProperty>
        <Name>Owner</Name>
        <GetScriptBlock>
          [Security2.IdentityReference2]$this.GetAccessControl().GetOwner([System.Security.Principal.SecurityIdentifier])
        </GetScriptBlock>
      </ScriptProperty>
      <ScriptProperty>
        <Name>IsInheritanceBlocked</Name>
        <GetScriptBlock>
          $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access).AreAccessRulesProtected
        </GetScriptBlock>
      </ScriptProperty>
      <ScriptProperty>
        <Name>LengthOnDisk</Name>
        <GetScriptBlock>
          $driveInfo = New-Object NTFS.DriveInfoExt($this.PSDrive.Name + ":")
          [Math]::Ceiling($this.Length / ($driveInfo.BytesPerSector * $driveInfo.SectorsPerCluster)) * ($driveInfo.BytesPerSector * $driveInfo.SectorsPerCluster)
        </GetScriptBlock>
      </ScriptProperty>
      <AliasProperty>
        <Name>Size</Name>
        <ReferencedMemberName>LengthOnDisk</ReferencedMemberName>
      </AliasProperty>
      <ScriptMethod>
        <Name>EnableInheritance</Name>
        <Script>
          $sd = $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access)
 
          try
          {
          $sd.SetAccessRuleProtection($false, $null)
          $this.SetAccessControl($sd)
          }
          catch [Exception]
          {
          Write-Error -Exception $_.Exception -Message "Error enabling inheritance on item $($this.FullName)"
          }
        </Script>
      </ScriptMethod>
      <ScriptMethod>
        <Name>DisableInheritance</Name>
        <Script>
          param(
          [Parameter(Position = 0, Mandatory = $false)]
          [bool] $CopySecurity = $true
          )
          $sd = $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access)
 
          try
          {
          $sd.SetAccessRuleProtection($true, $CopySecurity)
          $this.SetAccessControl($sd)
          }
          catch [Exception]
          {
          Write-Error -Exception $_.Exception -Message "Error enabling inheritance on item $($this.FullName)"
          }
        </Script>
      </ScriptMethod>
      <ScriptMethod>
        <Name>GetHash</Name>
        <Script>
          $hash = [System.Security.Cryptography.SHA1]::Create().ComputeHash($this.OpenRead())
          $sb = New-Object System.Text.StringBuilder($hash.Length)
          for ($i = 0; $i -lt $hash.Length; $i++)
          {
          [Void]$sb.Append($hash[$i].ToString("X2"))
          }
          $sb.ToString()
        </Script>
      </ScriptMethod>
    </Members>
  </Type>
  <Type>
    <Name>System.IO.DirectoryInfo</Name>
    <Members>
      <ScriptProperty>
        <Name>Owner</Name>
        <GetScriptBlock>
          [Security2.IdentityReference2]$this.GetAccessControl().GetOwner([System.Security.Principal.SecurityIdentifier])
        </GetScriptBlock>
      </ScriptProperty>
      <ScriptProperty>
        <Name>IsInheritanceBlocked</Name>
        <GetScriptBlock>
          $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access).AreAccessRulesProtected
        </GetScriptBlock>
      </ScriptProperty>
      <ScriptMethod>
        <Name>EnableInheritance</Name>
        <Script>
          $sd = $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access)
 
          try
          {
          $sd.SetAccessRuleProtection($false, $null)
          $this.SetAccessControl($sd)
          }
          catch [Exception]
          {
          Write-Error -Exception $_.Exception -Message "Error enabling inheritance on item $($this.FullName)"
          }
        </Script>
      </ScriptMethod>
      <ScriptMethod>
        <Name>DisableInheritance</Name>
        <Script>
          param(
          [Parameter(Position = 0, Mandatory = $false)]
          [bool] $CopySecurity = $true
          )
          $sd = $this.GetAccessControl([System.Security.AccessControl.AccessControlSections]::Access)
 
          try
          {
          $sd.SetAccessRuleProtection($true, $CopySecurity)
          $this.SetAccessControl($sd)
          }
          catch [Exception]
          {
          Write-Error -Exception $_.Exception -Message "Error enabling inheritance on item $($this.FullName)"
          }
        </Script>
      </ScriptMethod>
    </Members>
  </Type>
 
  <Type>
    <Name>Security2.FileSystemAccessRule2</Name>
    <Members>
      <ScriptProperty>
        <Name>AccountType</Name>
        <GetScriptBlock>
          if (-not [System.Security.Principal.WindowsIdentity]::GetCurrent().Name.ToLower().Contains([System.Environment]::MachineName.ToLower()))
          {
          try
          {
          ([ADSI]"LDAP://&lt;SID=$($this.Account.Sid)&gt;").ObjectClass[-1]
          }
          catch
          {
          [string]::Empty
          }
          }
        </GetScriptBlock>
      </ScriptProperty>
    </Members>
  </Type>
</Types>