PoshCode Archive  Artifact [ec79c2e712]

Artifact ec79c2e712869b7b45792df7a2f491ff30e40c41d4204abca0110bc36ac3ec8e:

  • File Get-NTFSPermissions.ps1 — part of check-in [dea4adf75d] at 2018-06-10 13:37:55 on branch trunk — Specify target host and root directory. The script will then recursively check for all folders and report on their NTFS permissions. (user: vidrine size: 2667)

# encoding: utf-8
# api: powershell
# title: Get-NTFSPermissions
# description: Specify target host and root directory.  The script will then recursively check for all folders and report on their NTFS permissions.
# version: 2013.01.14
# type: script
# author: vidrine
# license: CC0
# x-poshcode-id: 4189
# x-archived: 2016-05-01T22:16:14
# x-published: 2016-05-29T20:33:00
#
# Output is stored in a custom object, that is then exported to CSV.
#
<#
.SYNOPSIS
  Author:..Vidrine
  Date:....2013.01.14

.DESCRIPTION
  Thanks to http://jfrmilner.wordpress.com/  

  Specify target host and root directory.  The script will then recursively check for all folders and report on their NTFS permissions.
  Output is stored in a custom object, that is then exported to CSV.

  Script can easily be scaled to include processing multiple hosts, processing hosts imported from source file, process files instead of just folders, etc...
#>

$targetServer    = '\\ETH-470'    #Enter hostname
$targetDirectory = 'C:\Traces\Forms' #Enter directory name
$target          = Join-Path -ChildPath $targetDirectory -Path $targetServer
$arrResults      = @() #Initialize array used to store custom object output
$exportPath      = 'C:\temp\ntfsCheck2.csv' #Enter name of the CSV output file
 
#Query target directory for all 'folders' (excludes files via Where statement)
Get-ChildItem -Recurse -Path $target | Where { $_.PSIsContainer } |
forEach {
    $objPath = $_.FullName
    $coLACL  = Get-Acl -Path $objPath
    forEach ( $objACL in $colACL ) {
        forEach ( $accessRight in $objACL.Access ) {
            $objResults = New-Object –TypeName PSObject
            $objResults | Add-Member –MemberType NoteProperty –Name DirectoryPath      –Value $objPath
            $objResults | Add-Member –MemberType NoteProperty –Name Identity           –Value $accessRight.IdentityReference
            $objResults | Add-Member –MemberType NoteProperty –Name SystemRights       –Value $accessRight.FileSystemRights
            $objResults | Add-Member –MemberType NoteProperty –Name SystemRightsType   –Value $accessRight.AccessControlType
            $objResults | Add-Member -MemberType NoteProperty -Name IsInherited        -Value $accessRight.IsInherited
            $objResults | Add-Member -MemberType NoteProperty -Name InheritanceFlags   -Value $accessRight.InheritanceFlags
            $objResults | Add-Member –MemberType NoteProperty –Name RulesProtected     –Value $objACL.AreAccessRulesProtected
            $arrResults += $objResults
        }
    }
}
 
$arrResults | Export-CSV -NoTypeInformation -Path $exportPath