Tuesday, December 16, 2014

Permissions

So I worked on this script for a few hours yesterday

$drive = "F:\"
$fileName = "C:\Audits\FDrive_Audit_$((Get-Date -Format d).Replace(" ","_").replace("/","-").Replace(":",'-')).csv"
$ACL_Report = @()
$Stack = New-Object System.Collections.Stack

function getPermissions($folder)
{
    $ACL_Report = @()
    foreach($reference in (Get-ACL $folder | %{$_.Access}))
    {
        $aclObj = New-Object psobject
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Path' -Value $folder
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Account' -Value $reference.IdentityReference
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Access' -Value $reference.FileSystemRights
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Inherited' -Value $reference.IsInherited
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Inheritance' -Value $reference.InheritanceFlags
        $aclObj | Add-Member -MemberType NoteProperty -Name 'Propagation' -Value $reference.PropagationFlags
        $ACL_Report += $aclObj
    }
    $ACL_Report += " "
    $ACL_Report | Export-Csv $fileName -NoTypeInformation -Append
}

function create-Queue($currentFolder)
{
    foreach($folder in (Get-ChildItem $currentFolder -Directory))
    {
        getPermissions $folder.FullName
        $Stack.Push($folder.FullName)
        create-Queue $stack.Pop()
    }
}
create-Queue $drive

The script is intended to go through every path in a directory and get all of the permissions of the folders, and export them into a CSV. Surprisingly enough, the script itself works great too; however, i came to the sad problem of paths being too long and not getting all of the permissions. I've looked at this from a long of angles and feel like I've ran out of Google power here. If someone has an idea of how to get this done, that doesn't include running a Robocopy first to get the paths. Please share with me. Kind regards, Me.