• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 387
  • Last Modified:

How can I get access permissions for folders (recursive) and display the full path

Hi,
I'm trying to write a PowerShell script that will output ACLs for folders (recursively) with the full path.

So far, I have two working scripts -- the first will output all folders in a directory recursively (with the full path) but with NO ACLs.  The second will output ACLs for folders recursively but will NOT display the full path.  Both scripts only apply to the working directory, i.e. R:\Groups\Accounting.  After a change to the R:\Groups\Accounting folder in PowerShell, I run these two single commands.

So, the first script (which will display the full path) is --
get-childitem -directory  -recurse | select-object FullName |  Out-Gridview

Sample output of first script:
FullName
R:\Groups\Accounting\Grants1
R:\Groups\Accounting\Grants2

The second script is --
get-childitem -directory  -recurse | select-object FullName |  foreach-object {Get-Acl $_.Fullname} | Out-Gridview

Sample output of second script:
Path          Owner          Access
Grants1      john.doe      UM\john.doe Allow FullControl      
                                          BUILTIN\Administrators Allow FullControl
Grants2     jane.doe       UM\jane.doe Allow FullControl
                                          BUILTIN\Administrators Allow FullControl  

What I'd like to see is --
Path                                                     Owner           Access                                        
R:\Groups\Accounting\Grants1      john.doe      UM\john.doe Allow FullControl      
                                                                                   BUILTIN\Administrators Allow FullControl

R:\Groups\Accounting\Grants2     jane.doe       UM\jane.doe Allow FullControl
                                                                                  BUILTIN\Administrators Allow FullControl

Any chance of achieving this with a sample line of PS code?
0
Robert Logan
Asked:
Robert Logan
  • 3
  • 2
2 Solutions
 
oBdACommented:
Get-ChildItem -Directory -Recurse | % {Get-Acl $_.Fullname} | Select @{n="Path";e={$_.PSPath.Split(":", 3)[2]}}, Owner, @{n="Access";e={($_.Access | % {"$($_.IdentityReference) $($_.AccessControlType) $($_.FileSystemRights)"}) -join "`r`n"}} | Out-Gridview

Open in new window

0
 
footechCommented:
No need to give points for this, but just wanted to point out a code simplification (it does the same as oBdA's).
Get-ChildItem -Directory -Recurse | Get-Acl | Select @{n="Path";e={($_.Path -Split "::")[-1]}},Owner, @{n="Access";e={$_.AccessToString}} | Out-Gridview

Open in new window

0
 
oBdACommented:
D'oh. And I was desperately searching in the .Access properties ...
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Robert LoganAuthor Commented:
If I wanted to prompt for the path using --
$Path = Read-Host -Prompt 'Enter path'

...would the next line be --

Get-ChildItem -Directory -Recurse | Get-Acl | Select @{n=$Path;e={($_.Path -Split "::")[-1]}},Owner, @{n="Access";e={$_.AccessToString}} | Out-Gridview

TIA.
0
 
oBdACommented:
Nope.
Get-ChildItem -Path $Path -Directory -Recurse | Get-Acl | Select @{n="Path";e={($_.Path -Split "::")[-1]}}, Owner, @{n="Access";e={$_.AccessToString}} | Out-Gridview

Open in new window

0
 
Robert LoganAuthor Commented:
Awesome!  Thank you so much!
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now