Solved

# acl reporter for just folders

Posted on 2014-02-11
932 Views
are there any tools out there, or scripts that will do an ACL report for a specific level, i.e.

\\server\share - do an ACL report for all root level sub directories in this share.

the only thing that comes close is accessEnum but it does all folders, sub folders, files, so the end report becomes ridiculous. I just want a tool where you can specify how deep to scan and limit to only directories.
0
Question by:pma111

LVL 7

Accepted Solution

Alex Green earned 500 total points
ID: 39849796
The only thing I know of that would beclose would be the following script

$OutFile = "C:\Permissions.csv"$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags"
Del $OutFile Add-Content -Value$Header -Path $OutFile$RootPath = "C:\Test"

$Folders = dir$RootPath -recurse | where {$_.psiscontainer -eq$true}

foreach ($Folder in$Folders){
$ACLs = get-acl$Folder.fullname | ForEach-Object { $_.Access } Foreach ($ACL in $ACLs){$OutInfo = $Folder.Fullname + "," +$ACL.IdentityReference  + "," + $ACL.AccessControlType + "," +$ACL.IsInherited + "," + $ACL.InheritanceFlags + "," +$ACL.PropagationFlags
Add-Content -Value $OutInfo -Path$OutFile
}}


Change the root path to the folder or drive you want to scan
0

LVL 18

Expert Comment

ID: 39850081
0

LVL 3

Author Comment

ID: 39850085
accessenum though, as I clearly put in my quetion, you cant restrict the tool to a certain level, i.e. only folders, can you? i.e. if i specify a folder, its going to do an acl for all sub folders and files, which isnt what I am after

what I am after, is to only list the acl for root level folders in a specific directory

so if I specify \\server\share

I want the acl for \\server\share\folder 1, \\server\share\folder 2

I dont care about the acl for \\server\sharefolder1\ee.docx or \\server\share\folder1\subfolder2\ee.xlsx
0

## Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Know what services you can and cannot, should and should not combine on your server.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…