Solved

How to enumerate which folders are not inheriting permissions from parent folder

Posted on 2014-03-24
11
498 Views
1 Endorsement
Last Modified: 2014-05-17
I am trying to identify which folders are not inheriting their permissions from their parent folder.

I need to make a lot of changes to permissions over the next few weeks and want to identify in advance which folders are not going to get the new permissions.
1
Comment
Question by:llcooljsl1983
  • 6
  • 5
11 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39950163
Modified to the ref. given below here is the new code:
--------------------------

#requires -version 3

$Path = "c:\temp"
$Folders = Get-ChildItem $Path -Directory -Recurse
$statuses = @()

Foreach ($Folder in $Folders)
{
    $ACLs = Get-Acl -Path $Folder.fullname | ForEach-Object { $_.Access }
    Foreach ($ACL in $ACLs)
    {
        if (!($ACL.IsInherited))
        {
                $status = [ordered]@{
                FolderPath = $Folder.Fullname;
                IsInherited = $ACL.IsInherited;
                InheritanceFlags = $ACL.InheritanceFlags;
                PropagationFlags = $ACL.PropagationFlags }
            $statuses += (New-Object -TypeName PSObject -Property $status)
            break;
        }
       
    }
}
$statuses | Export-Csv -Path c:\temp\report.csv -Encoding ASCII -NoTypeInformation

Ref: http://powershell.com/cs/forums/p/14430/28052.aspx
0
 

Author Comment

by:llcooljsl1983
ID: 39950292
So I will need to install powershell on each of the file servers and manually run this script on every directory, replacing c:\temp with the actual directory?

There are a number of file servers, each with around 300 shared folders :(

Is there not an application which can do this on a more automated / server level way?

Thanks
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39950300
You dont need to install and run from each server. You just need to run my script from one server or Computer
you can write all the server names in a csv file and the directory names where to want to look (ie share name)
i can modify to include it.

what is the structure of the location you are looking into.
can you give few examples please. i will modify accordingly.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:llcooljsl1983
ID: 39950548
So it will for example

\\server\data
\\server\london
\\server\room

On the actual server, these have been split across C: D: E: F: G: drives

Is that what you mean?

Regards
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39950554
do you have a list of all the shares on all the servers. if you can enter them in a csv file that would be good
if not, we need to modify the script to find the shares automatically given the server names atleast in a text file.
0
 

Author Comment

by:llcooljsl1983
ID: 39950585
Could you base it on a dummy CSV that I could enter the shares?

I would be told off if I uploaded company specific information. :)

Thanks
0
 
LVL 19

Assisted Solution

by:Raheman M. Abdul
Raheman M. Abdul earned 500 total points
ID: 39950615
I was just asking about examples, i understand the policies.

servers.csv  should contain the information of this type:

\\server\data
\\server\london
\\server\room


Try this code:
##################
#requires -version 3
$paths = Get-Content c:\servers.csv
foreach ($Path in $paths)
{
$Folders = Get-ChildItem $Path -Directory -Recurse
$statuses = @()

Foreach ($Folder in $Folders)
{
    $ACLs = Get-Acl -Path $Folder.fullname | ForEach-Object { $_.Access }
    Foreach ($ACL in $ACLs)
    {
        if (!($ACL.IsInherited))
        {
                $status = [ordered]@{
                FolderPath = $Folder.Fullname;
                IsInherited = $ACL.IsInherited;
                InheritanceFlags = $ACL.InheritanceFlags;
                PropagationFlags = $ACL.PropagationFlags }
            Write-Host $status
            Write-Host "processing $Folder"

            $statuses += (New-Object -TypeName PSObject -Property $status)
            break;
        }
       
    }
}
}

$statuses | Export-Csv -Path c:\temp\report.csv -Encoding ASCII -NoTypeInformation

########################
0
 

Author Comment

by:llcooljsl1983
ID: 39950747
Thanks, what would the columns / headings be within the source CSV?

Thanks again for your help
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39950780
no need to enter column headings.
0
 

Accepted Solution

by:
llcooljsl1983 earned 0 total points
ID: 40058618
In the end I used the NTFS reporting tool from www.cjwdev.co.uk and filtered for ownership.
0
 

Author Closing Comment

by:llcooljsl1983
ID: 40071908
Very helpful posts but the software from CJWDEV was a lot easier.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
A brief introduction to what I consider to be the best editor for PowerShell.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question