lipotech

Powershell Syntax

in powershell what is @{} used for?
get-permissions.ps1
Powershell, Active Directory


8/22/2022 - Mon
Sam Jacobs

It is a hash table, which contains one or more key/value pairs.
This is frequently used to pass parameters.
For example, if I wanted to execute a series of commands on a remote computer, I would need to provide the name of the computer, together with a script block (the series of commands to execute). I could use a hash table to do that, and it may look something like this:
        $params = @{
            ComputerName = 'server'
            ScriptBlock = { <series of commands to execute> }
        }
        Invoke-Command @params 


I don't have to use the hash table - I could put all the parameters on the Invoke-Command. Using the hash table makes the code a bit neater.
Qlemo

Using a hash table for parameters is one of the less common usages (less than it should) and called splatting.
@{} creates an empty hash table you add "properties" (in fact they are key/value pairs, as stated correctly above) on the fly. E.g. if processed data needs to be stored in a way you can group together and still have direct access to. I.e.
$var = @{ colour = 'red'; size = 'large' }
$var += @{ location = 'there' }
write-host $var['location']


Often you will see building custom objects with hash tables:
$var = [PSCustomObject] @{ property1 ='value1'; property2 = 'value2' }
$var.property1


lipotech

ASKER
thanks for your responses.  

I have an additional issue in my code.  Attached is the PS script.  I am seeing an invalid token in multiple places - (ie. - I am getting a token error in multiple places.  Example is - At line:16 char:68 + ... ties name, schemaIDGUID | ForEach-Object {$schemaIDGUID.add  ([System.)

See attached file.

Thanks
PeeterB

Yeah, I tried the code on my system also .... several errors, multiple issues with spacing etc. ..... after a few edits (removing spaces ..) it now runs without error ... see attached file ...
get-permissions-1.ps1
oBdA

The script had all kinds of issues (and do you really want to check each and every object in our AD?).
This should work:
Import-Module ActiveDirectory

# Filter by single user and export to a CSV file.
$User = 'Username'

$schemaIDGUID = @{}
$schemaIDGUID[([guid]'00000000-0000-0000-0000-000000000000')] = 'All'
Get-ADObject -SearchBase (Get-ADRootDSE).schemaNamingContext -LDAPFilter '(schemaIDGUID=*)' -Properties name, schemaIDGUID |
	ForEach-Object {$schemaIDGUID[([System.Guid]$_.schemaIDGUID)] = $_.name}
Get-ADObject -SearchBase "CN=Extended-Rights, $((Get-ADRootDSE).configurationNamingContext)" -LDAPFilter '(objectClass=controlAccessRight)' -Properties name, rightsGUID |
	ForEach-Object {$schemaIDGUID[([System.GUID]$_.rightsGUID)] = $_.name}

#Get a list of AD objects.
$AOs = @()
$AOs += Get-ADOrganizationalUnit -Filter * # | Select-Object -ExpandProperty DistinguishedName
$AOs += Get-ADObject -SearchBase (Get-ADDomain).DistinguishedName -SearchScope Subtree -LDAPFilter '(ObjectClass=*)' # | Select-Object -ExpandProperty DistinguishedName

#Loop through each of the AD objects and retrieve their permissions.
$AOs | ForEach-Object {
	$ao = $_
	Get-Acl -Path "AD:\$($ao.DistinguishedName)" |
		Select-Object -ExpandProperty Access |
		Select-Object -Property `
			@{n='DistinguishedName'; e={$ao.DistinguishedName}},
			@{n='objectTypeName'; e={$schemaIDGUID[$_.objectType]}},
			@{n='inheritedObjectTypeName'; e={$schemaIDGUID[$_.inheritedObjectType]}},
			*
} | 
	Where-Object {$_.IdentityReference -like "*$($User)*"} | 
	Select-Object DistinguishedName, IdentityReference, ActiveDirectoryRights, IsInherited -Unique |
	Export-Csv -Path "C:\temp\explicit_permission.csv" -NoTypeInformation



Edit: Fixed issue with DistinguishedName missing in the results.
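
An added example (not code from the thread): the GUID-keyed hash table lookup and calculated property used in the script above, run against constructed ACE objects so it works without a domain. `Resolve-GuidName`, the `EXAMPLE\...` identities and the distinguished names are assumptions made up for the illustration.

```powershell
# Lookup table keyed by [guid], as the script builds from the schema.
# Entries: the all-zero GUID, the 'member' attribute and the
# 'User-Force-Change-Password' extended right (well-known AD values).
$guidNames = @{}
$guidNames[[guid]'00000000-0000-0000-0000-000000000000'] = 'All'
$guidNames[[guid]'bf9679c0-0de6-11d0-a285-00aa003049e2'] = 'member'
$guidNames[[guid]'00299570-246d-11d0-a768-00aa006e0529'] = 'User-Force-Change-Password'

# Hypothetical helper: cast to [guid] before indexing (a plain string never
# matches a [guid] key) and fall back to the raw GUID when it is unknown.
function Resolve-GuidName {
    param([guid]$Guid, [hashtable]$Table)
    if ($Table.ContainsKey($Guid)) { $Table[$Guid] } else { "unknown ($Guid)" }
}

# Constructed ACEs shaped like the entries in (Get-Acl).Access.
# The GUID in the last entry is constructed and not in the table.
$aces = @(
    [PSCustomObject]@{
        DistinguishedName = 'CN=Tier0 Admins,OU=Groups,DC=example,DC=test'
        IdentityReference = 'EXAMPLE\helpdesk'; ActiveDirectoryRights = 'WriteProperty'
        ObjectType = [guid]'bf9679c0-0de6-11d0-a285-00aa003049e2'; IsInherited = $false
    }
    [PSCustomObject]@{
        DistinguishedName = 'OU=Staff,DC=example,DC=test'
        IdentityReference = 'EXAMPLE\helpdesk'; ActiveDirectoryRights = 'ExtendedRight'
        ObjectType = [guid]'00299570-246d-11d0-a768-00aa006e0529'; IsInherited = $true
    }
    [PSCustomObject]@{
        DistinguishedName = 'OU=Staff,DC=example,DC=test'
        IdentityReference = 'EXAMPLE\backup-svc'; ActiveDirectoryRights = 'ReadProperty'
        ObjectType = [guid]'11111111-2222-3333-4444-555555555555'; IsInherited = $true
    }
)

# Splatted Select-Object arguments; one entry is a calculated property
# (another use of @{}) that resolves the GUID to a readable name.
$selectArgs = @{
    Property = 'DistinguishedName', 'IdentityReference', 'ActiveDirectoryRights',
               @{ n = 'ObjectTypeName'; e = { Resolve-GuidName $_.ObjectType $guidNames } },
               'IsInherited'
}

# All ACEs with resolved names, then only those granted to one identity.
$aces | Select-Object @selectArgs | Format-Table -AutoSize
$aces | Where-Object { $_.IdentityReference -like '*helpdesk*' } |
    Select-Object @selectArgs | Format-Table -AutoSize
```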
lipotech

ASKER
Thanks, oBdA

The script now runs without errors and a file is created, but the file is empty.  Nothing is getting written to the file.

Thoughts?
ASKER CERTIFIED SOLUTION
oBdA

lipotech

ASKER
Thanks oBdA - Thanks for your assistance.  I am now able to get all the required data and am able to select groups or specific individuals to get the data on.  Thank you for your assistance.