locked
Question on ConvertTo-HTML RRS feed

  • Question

  • I'm using a powershell script to enumerate items in SecPol.  It works well however I would like to Convert the output of the script into html.  Can someone help.  here is the script.  When I try to convert to html it doesn't output right.

     

    $temp = "c:\temp"
    $file = "$temp\privs.txt"
    [string] $readableNames
    $outHash = @{}

    $process = [diagnostics.process]::Start("secedit.exe", "/export /cfg $file /areas USER_RIGHTS")
    $process.WaitForExit()
    $in = get-content $file

    foreach ($line in $in) {
     if ($line.StartsWith("Se")) {
     $privilege = $line.substring(0,$line.IndexOf("=") - 1)
     switch ($privilege){
     "SeCreateTokenPrivilege " {$privilege = "Create a token object"}
     "SeAssignPrimaryTokenPrivilege" {$privilege = "Replace a process-level token"}
     "SeLockMemoryPrivilege" {$privilege = "Lock pages in memory"}
     "SeIncreaseQuotaPrivilege" {$privilege = "Adjust memory quotas for a process"}
     "SeUnsolicitedInputPrivilege" {$privilege = "Load and unload device drivers"}
     "SeMachineAccountPrivilege" {$privilege = "Add workstations to domain"}
     "SeTcbPrivilege" {$privilege = "Act as part of the operating system"}
     "SeSecurityPrivilege" {$privilege = "Manage auditing and the security log"}
     "SeTakeOwnershipPrivilege" {$privilege = "Take ownership of files or other objects"}
     "SeLoadDriverPrivilege" {$privilege = "Load and unload device drivers"}
     "SeSystemProfilePrivilege" {$privilege = "Profile system performance"}
     "SeSystemtimePrivilege" {$privilege = "Change the system time"}
     "SeProfileSingleProcessPrivilege" {$privilege = "Profile single process"}
     "SeCreatePagefilePrivilege" {$privilege = "Create a pagefile"}
     "SeCreatePermanentPrivilege" {$privilege = "Create permanent shared objects"}
     "SeBackupPrivilege" {$privilege = "Back up files and directories"}
     "SeRestorePrivilege" {$privilege = "Restore files and directories"}
     "SeShutdownPrivilege" {$privilege = "Shut down the system"}
     "SeDebugPrivilege" {$privilege = "Debug programs"}
     "SeAuditPrivilege" {$privilege = "Generate security audit"}
     "SeSystemEnvironmentPrivilege" {$privilege = "Modify firmware environment values"}
     "SeChangeNotifyPrivilege" {$privilege = "Bypass traverse checking"}
     "SeRemoteShutdownPrivilege" {$privilege = "Force shutdown from a remote system"}
     "SeUndockPrivilege" {$privilege = "Remove computer from docking station"}
     "SeSyncAgentPrivilege" {$privilege = "Synchronize directory service data"}
     "SeEnableDelegationPrivilege" {$privilege = "Enable computer and user accounts to be trusted for delegation"}
     "SeManageVolumePrivilege" {$privilege = "Manage the files on a volume"}
     "SeImpersonatePrivilege" {$privilege = "Impersonate a client after authentication"}
     "SeCreateGlobalPrivilege" {$privilege = "Create global objects"}
     "SeTrustedCredManAccessPrivilege" {$privilege = "Access Credential Manager as a trusted caller"}
     "SeRelabelPrivilege" {$privilege = "Modify an object label"}
     "SeIncreaseWorkingSetPrivilege" {$privilege = "Increase a process working set"}
     "SeTimeZonePrivilege" {$privilege = "Change the time zone"}
     "SeCreateSymbolicLinkPrivilege" {$privilege = "Create symbolic links"}
     "SeDenyInteractiveLogonRight" {$privilege = "Deny local logon"}
     "SeRemoteInteractiveLogonRight" {$privilege = "Allow logon through Terminal Services"}
     "SeServiceLogonRight" {$privilege = "Logon as a service"}
     "SeIncreaseBasePriorityPrivilege" {$privilege = "Increase scheduling priority"}
     "SeBatchLogonRight" {$privilege = "Log on as a batch job"}
     "SeInteractiveLogonRight" {$privilege = "Log on locally"}
     "SeDenyNetworkLogonRight" {$privilege = "Deny Access to this computer from the network"}
     "SeNetworkLogonRight" {$privilege = "Access this Computer from the Network"}
     }
     $sids = $line.substring($line.IndexOf("=") + 1,$line.Length - ($line.IndexOf("=") + 1))
     $sids =  $sids.Trim() -split ","
     $readableNames = ""
     foreach ($str in $sids){
        $str = $str.substring(1) # For some reason, secedit appends a * to the SID like *S-1-5-32-544, this just strips the first character
        $sid = new-object System.Security.Principal.SecurityIdentifier($str)
        $readableName = $sid.Translate([System.Security.Principal.NTAccount])
        $readableNames = $readableNames + $readableName.Value + ","
      }
    $outHash.Add($privilege,$readableNames.substring(0,($readableNames.Length - 1))) #output edited version
     }
    }
    $outHash | convertto-html | set-content c:\users\username\desktop\secpol.htm

     


    SMaximus7
    • Edited by SMaximus7 Wednesday, December 21, 2011 7:57 PM
    Wednesday, December 21, 2011 7:42 PM

Answers

  • Change your last line from this:

    $outHash | convertto-html | set-content c:\users\username\desktop\secpol.htm

    ...to this:

    $outHash.GetEnumerator() | convertto-html | out-file c:\users\username\desktop\secpol.htm


    ([string](0..9|%{[char][int](32+("39826578846355658268").substring(($_*2),2))})).replace(' ','')
    • Edited by Bigteddy Thursday, December 22, 2011 5:46 AM
    • Marked as answer by SMaximus7 Thursday, December 22, 2011 2:54 PM
    Thursday, December 22, 2011 5:44 AM
  • Try this:
    

    $outHash.GetEnumerator() | select name, value | convertto-html | out-file c:\users\username\desktop\secpol.htm
    

     


    ([string](0..9|%{[char][int](32+("39826578846355658268").substring(($_*2),2))})).replace(' ','')
    • Marked as answer by SMaximus7 Thursday, December 22, 2011 3:02 PM
    Thursday, December 22, 2011 2:59 PM

All replies

  • Can someone help with this?
    SMaximus7
    Wednesday, December 21, 2011 9:24 PM
  • Change your last line from this:

    $outHash | convertto-html | set-content c:\users\username\desktop\secpol.htm

    ...to this:

    $outHash.GetEnumerator() | convertto-html | out-file c:\users\username\desktop\secpol.htm


    ([string](0..9|%{[char][int](32+("39826578846355658268").substring(($_*2),2))})).replace(' ','')
    • Edited by Bigteddy Thursday, December 22, 2011 5:46 AM
    • Marked as answer by SMaximus7 Thursday, December 22, 2011 2:54 PM
    Thursday, December 22, 2011 5:44 AM
  • Thanks BigTeddy that did it.  One more question.  The output gives me name, key, value.  How do I get just the key and the value or the name and the value?
    SMaximus7
    Thursday, December 22, 2011 2:54 PM
  • Try this:
    

    $outHash.GetEnumerator() | select name, value | convertto-html | out-file c:\users\username\desktop\secpol.htm
    

     


    ([string](0..9|%{[char][int](32+("39826578846355658268").substring(($_*2),2))})).replace(' ','')
    • Marked as answer by SMaximus7 Thursday, December 22, 2011 3:02 PM
    Thursday, December 22, 2011 2:59 PM
  • Thanks again :-)
    SMaximus7
    Thursday, December 22, 2011 3:02 PM