sunhux
asked on
Amend script to comb for folders with access for Everyone
http://stackoverflow.com/questions/21104574/powershell-script-to-find-folders-which-have-everyone-access-and-how-to-delete
Got the following PS script from link above but what I need is to scan only & save the
output (containing the PC hostname or IP and the 'exposed' folder) but not to remove
the access to Everyone. Also, kindly provide steps on how from domain admin account
I can execute the script to poll all Windows laptops/PCs in our domain without placing
them in GPO logon/logout which will slow down users login/logout to AD.
Feel free to provide a VB or bat script if the script below is not suitable.
==========================
$rootFolder = '\\server\c$\somefolder' <== do we remove "\somefolder" ?
# get locale-specific name for 'Everyone' security principal
$sid = New-Object Security.Principal.Securit
$everyone = $sid.Translate([Security.P
Get-ChildItem $rootFolder -Recurse | ? { $_.PSIsContainer } | % {
$acl = Get-Acl $_.FullName
$acl.Access | ? { $_.IdentityReference -eq $everyone } | % {
$acl.RemoveAccessRule($_) <== just comment out/prefix this line with # ??
}
Set-Acl $_.FullName -Acl $acl | Out-Null
}
Got the following PS script from link above but what I need is to scan only & save the
output (containing the PC hostname or IP and the 'exposed' folder) but not to remove
the access to Everyone. Also, kindly provide steps on how from domain admin account
I can execute the script to poll all Windows laptops/PCs in our domain without placing
them in GPO logon/logout which will slow down users login/logout to AD.
Feel free to provide a VB or bat script if the script below is not suitable.
==========================
$rootFolder = '\\server\c$\somefolder' <== do we remove "\somefolder" ?
# get locale-specific name for 'Everyone' security principal
$sid = New-Object Security.Principal.Securit
$everyone = $sid.Translate([Security.P
Get-ChildItem $rootFolder -Recurse | ? { $_.PSIsContainer } | % {
$acl = Get-Acl $_.FullName
$acl.Access | ? { $_.IdentityReference -eq $everyone } | % {
$acl.RemoveAccessRule($_) <== just comment out/prefix this line with # ??
}
Set-Acl $_.FullName -Acl $acl | Out-Null
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.