I've recently had the task of updating the permissions structures on our user home drives. I have a directory called home and a folder per user below home. There are two groups at the Home level, and these are forced down to each of the user folders. The user folders are set to inherit from their parent, and then the user is set to access only their folder.
I'm trying to write a PowerShell script which will show me if any folders have a specific ACL left behind. This is what I ended up with, and it just seems to return the sub-folder list for the specified directory, whereas I want only the folders which have the specified ACL.

    $path = "\\server\share"
    $folders = Get-ChildItem $path | where {$_.psiscontainer}
    foreach ($folder in $folders)
    {
        $domain = "domname"
        $aclname = "ACLname"
        $aclfullname = "$domain\$aclname"
        Get-Acl | select -ExpandProperty Access | where {$_.identityreference -contains $aclfullname}
        Write-Host $folder.FullName
    }

If I use the following, it returns only one result, but it returns the ACL and not the folder name.

    $path = "\\node1\home"
    $domain = "morgan-cole"
    $aclname = "gsherlock"
    $aclfullname = "$domain\$aclname"
    Get-ChildItem $path | where {$_.psiscontainer} | Get-Acl | select -ExpandProperty Access | where {$_.identityreference -contains $aclfullname}

Any ideas? Hopefully my requirements make sense.
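
One way to get folder names rather than bare access entries, as an added example that is not part of the original post: read each folder's ACL explicitly and emit the folder path next to every matching entry. It assumes PowerShell 3.0 or later (for `Get-Acl -LiteralPath`) and reuses the placeholder share and account names from the first script.

```powershell
# Added example: report which user folders still carry an ACE for one identity.
# $Path and $Identity are the placeholders used in the post; substitute your own.
$Path     = '\\server\share'
$Identity = 'domname\ACLname'

$report = foreach ($folder in Get-ChildItem -LiteralPath $Path | Where-Object { $_.PSIsContainer }) {
    try {
        # Name the folder explicitly so the ACL read belongs to this folder.
        $acl = Get-Acl -LiteralPath $folder.FullName -ErrorAction Stop
    }
    catch {
        # Folders the auditing account cannot read are reported, not silently skipped.
        Write-Warning "Cannot read ACL on $($folder.FullName): $($_.Exception.Message)"
        continue
    }

    # IdentityReference is a single object, so compare its string value with -eq
    # (case-insensitive for strings in PowerShell).
    $acl.Access |
        Where-Object { $_.IdentityReference.Value -eq $Identity } |
        Select-Object @{ Name = 'Folder';   Expression = { $folder.FullName } },
                      @{ Name = 'Identity'; Expression = { $_.IdentityReference.Value } },
                      FileSystemRights,
                      AccessControlType,
                      IsInherited
}

# IsInherited separates entries pushed down from the parent folder (True)
# from entries set directly on the user folder (False).
$report | Sort-Object Folder | Format-Table -AutoSize
```

Because each output row carries both the folder and the entry, `$report | Where-Object { -not $_.IsInherited }` narrows the list to entries set directly on a folder, and `$report | Export-Csv` keeps a record of the audit.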