Avatar of cawasaki
cawasaki
 asked on

script to export ntfs permisison to csv file

hello

i need a script to export ntfs right on user redirection folder, its a folder in windos 2012 server where every user have his redirected folder like this:

redirected_folder
john.smith
antonio.banderas
....

i need a script to export ntfs right for all this folder

thanks for help
Powershell* NTFSWindows Server 2012Scripting LanguagesMicrosoft Server OS

Avatar of undefined
Last Comment
Lionel MM

8/22/2022 - Mon
Steve Knight

Is this to audit what is there or in order to set permissions again at new location?  Also do you just want to know permissions on the root of each sub directory or to iterate down under that as any file or sub folder could have different permissions?
cawasaki

ASKER
hello,

its for audit actual permission, actually i need only the root pemrission on every folder, the goal is to be sure tha every use folder i have full control right of the user on the folder and subfolder and files right.

after that i will need a script to apply this right on every folder by getting the user name from the folder like this:

fodlername:
john.smith
isabella.Torro

so for folder john.smith check if user john.smith have full control, if not apply the  full control ntfs permission to folder subfolder and files.
same think for isabella.torro folder...

thanks for help
cawasaki

ASKER
any help plz?
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
Lionel MM

just to get the NTFS permissions simply add this to any script or create a new one using

icacls \\servername\sharename\*. /T /C >C:\Logs\NTFS.Log
or
icacls e:\redirected_folders\*. /T /C >C:\Logs\NTFS.Log
make sure you use the *. or else you will get persmissions on all the files too
cawasaki

ASKER
hello Lionel,

ok how i can only have the ntfs permission of all folder without subfolder and have this on csv file.

also how i can see the ntfs permission or understand the log file, because i dont see what permission is:

NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                             CREATOR OWNER:(I)(OI)(CI)(IO)(F)

thnaks for help
cawasaki

ASKER
i have found what i need:

$FolderPath = Get-ChildItem -Directory -Path "c:\temp" -Force
$Output = @()
ForEach ($Folder in $FolderPath) {
    $Acl = Get-Acl -Path $Folder.FullName
    ForEach ($Access in $Acl.Access) {
$Properties = [ordered]@{'Folder Name'=$Folder.FullName;'Group/User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}
$Output += New-Object -TypeName PSObject -Property $Properties            
}
}
$Output | Out-GridView

Open in new window


now i will create other question for script to add ntfs permission
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Jeff Glover

First line (NT Authority\System)
(I) = Inherited from Parent container, (OI)(CI) = Object Inherit, Container Inherit  (F)= Full Access
Second line (Creator Owner)
(I) = Inherited, (OI)(CI)(IO) = Object Inherit, Container Inherit, Applied only to subfolders and files, (F) = Full Access

If you want more information see this article
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753525(v=ws.10)
ASKER CERTIFIED SOLUTION
cawasaki

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Lionel MM

well done and on your own--good job