Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
Solved

# acl reporter for just folders

Posted on 2014-02-11
Medium Priority
1,050 Views
are there any tools out there, or scripts that will do an ACL report for a specific level, i.e.

\\server\share - do an ACL report for all root level sub directories in this share.

the only thing that comes close is accessEnum but it does all folders, sub folders, files, so the end report becomes ridiculous. I just want a tool where you can specify how deep to scan and limit to only directories.
0
Question by:pma111
[X]
###### Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

• Help others & share knowledge
• Earn cash & points

LVL 13

Accepted Solution

Alex Green earned 2000 total points
ID: 39849796
The only thing I know of that would beclose would be the following script

$OutFile = "C:\Permissions.csv"$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags"
Del $OutFile Add-Content -Value$Header -Path $OutFile$RootPath = "C:\Test"

$Folders = dir$RootPath -recurse | where {$_.psiscontainer -eq$true}

foreach ($Folder in$Folders){
$ACLs = get-acl$Folder.fullname | ForEach-Object { $_.Access } Foreach ($ACL in $ACLs){$OutInfo = $Folder.Fullname + "," +$ACL.IdentityReference  + "," + $ACL.AccessControlType + "," +$ACL.IsInherited + "," + $ACL.InheritanceFlags + "," +$ACL.PropagationFlags
Add-Content -Value $OutInfo -Path$OutFile
}}


Change the root path to the folder or drive you want to scan
0

LVL 18

Expert Comment

ID: 39850081
0

LVL 3

Author Comment

ID: 39850085
accessenum though, as I clearly put in my quetion, you cant restrict the tool to a certain level, i.e. only folders, can you? i.e. if i specify a folder, its going to do an acl for all sub folders and files, which isnt what I am after

what I am after, is to only list the acl for root level folders in a specific directory

so if I specify \\server\share

I want the acl for \\server\share\folder 1, \\server\share\folder 2

I dont care about the acl for \\server\sharefolder1\ee.docx or \\server\share\folder1\subfolder2\ee.xlsx
0

## Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
###### Suggested Courses
Course of the Month5 days, 6 hours left to enroll