?
Solved

ACL Entries

Posted on 2012-09-12
4
Medium Priority
?
718 Views
Last Modified: 2012-09-12
I use the following command to get ACL entries on folders and sub folders at a specified location.

Get-ChildItem "filepath" -recurse -exclude *.* | ForEach-Object {Get-Acl $_.FullName} | ft -Wrap | Out-File C:\Temp\Permissions.txt -Width 375

Is there a way to have it return only non inherited entries?
0
Comment
Question by:LindyS
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:slidingfox
ID: 38389991
Try this
Get-ChildItem "filepath" -recurse -exclude *.* | 
ForEach-Object {
    Get-Acl $_.FullName |
    ForEach-Object {
        $_.Access | Where-Object { -not ($_.IsInherited) }
    }
} | 
ft -Wrap | 
Out-File C:\Temp\Permissions.txt -Width 375

Open in new window

0
 
LVL 3

Author Comment

by:LindyS
ID: 38390222
Not quite what I needed.
I have attached two files. Users_Folder_ACL.txt is what i get when I run the original command.

When I run your suggested command I get the results in permissions.txt.

I need to get the same information I get with the original command, I would just prefer to get only the non-inherited entries.
Permissions.txt
Users-Folder-ACL.txt
0
 
LVL 6

Accepted Solution

by:
slidingfox earned 2000 total points
ID: 38390318
OK, give this one a try

$paths = Get-ChildItem "filepath"

$output = @()

ForEach ($path in $paths) {
    
    $acl = Get-ACL $path.FullName
    
    $isInherited = $False
    
    ForEach ($item in $acl.Access) {
    
        if ($item.IsInherited) {
            $isInherited = $True
        }
    }
    
    if (-not $isInherited) {
        $output += $acl
    }
}

$output | ft -Wrap | Out-File C:\Temp\Permissions.txt -Width 375 

Open in new window

0
 
LVL 3

Author Closing Comment

by:LindyS
ID: 38390338
That is exactly what I wanted...Thank you.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question