01 April 2016

File Permissions for Specific Security Group - Power Shell Script

Recently I have needed to run a report to get a list of all files and folders on a particular drive, and the security groups that have permissions assigned to those files/folders.  Upon looking into whether this was actually possible, I created a script to export a list of folders and their associated security group access.

Get-ChildItem C:\Users -recurse | ForEach-Object {Get-ACL $_.FullName} | select psPath,psParentPath,psChildName,AccessToString | Export-CSV -NoTypeInformation C:\TestExportFile.csv

This command will create a CSV file which we can use to then filter down, and get a list of all the folders that reference a particular group.  In this case, I have filtered the AccessToString field, which shows the security groups, and have searched for Testing Group 1 which was my test group.

This then shows only the folder locations which use the Testing Group 1 security group as NTFS permissions.  Although this is a rather manual process, it allows you to find all folders which use that particular security group.  This will come in handy if you're wanting to delete a security group, and want to quickly reference a File Server to ensure that nothing is referring to that particular group.

1 comment: