Solved

Get ACL for File or Folder

Posted on 2013-12-13
2
758 Views
Last Modified: 2013-12-13
I want to be able to dump to a string the ACL information for a file or folder, however when I run the script and it gets to the following line:-
$fileACLAccess = (Get-ACL $_.FullName).Access

Open in new window

, I just get
System.Security.AccessControl.FileSystemAccessRule System.Security.AccessControl.FileSystemAccessRule System.Security.AccessControl.FileSystemAccessRule System.Security.AccessControl.FileSystemAccessRule

My compete code is:-
Function scanDirectory($strDirectory) {
    write-host "Snap shotting " $strDirectory
	dir $strDirectory | % { if ($_.PsIsContainer) { 
			echo "Directory Found - $_\" 
            $fileACLOwner = (Get-ACL $_.FullName).Owner
            $fileACLAccess = (Get-ACL $_.FullName).Access
            $fileACLGroup = (Get-ACL $_.FullName).Group
            
            write-host $fileACLOwner
            write-host $fileACLAccess
            write-host $fileACLGroup
            
			scanDirectory($strDirectory + "\" + $_) 
			} 
		else { 
                     $fileACLOwner = (Get-ACL $_.FullName).Owner
                     $fileACLAccess = (Get-ACL $_.FullName).Access
                     $fileACLGroup = (Get-ACL $_.FullName).Owner
			} 
		}
	}
    
scanDirectory("d:\")

Open in new window


Is it possible to get the variable to a string?

Thank you
0
Comment
Question by:tonelm54
2 Comments
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 39716468
Access is a multivalued property.. Try to convert it to string and see if it works for you..
$fileACLAccess = (Get-ACL $_.FullName).Access | Out-String

Open in new window

0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39716477
Function scanDirectory($strDirectory) {
    write-host "Snap shotting " $strDirectory
      dir $strDirectory | % { if ($_.PsIsContainer) {
                  echo "Directory Found - $_\"
            $fileACLOwner = (Get-ACL $_.FullName).Owner
            $fileACLAccess = (Get-ACL $_.FullName).Access
            $fileACLGroup = (Get-ACL $_.FullName).Group
           
            $fileACLOwner
            $fileACLAccess
            $fileACLGroup
           
                  scanDirectory($strDirectory + "\" + $_)
                  }
            else {
                     $fileACLOwner = (Get-ACL $_.FullName).Owner
                     $fileACLAccess = (Get-ACL $_.FullName).Access
                     $fileACLGroup = (Get-ACL $_.FullName).Owner
                  }
            }
      }
   
scanDirectory("c:\temp")
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question