Hi,
I can’t seem to figure out how to match a value against an array of values in the where clause.
Basically I want to check the NTFS permissions on each folder against a list of excluded keywords.
For example: If the account BUILTIN\Administrators has rights on a subfolder it should be omitted, because the array $ACLExcludes contains the keyword “BUILTIN”.
This is my code:
Clear-Host Function Get-MyChildItem { param ( [Parameter(Mandatory = $true)] [String]$Path, [System.Int32]$MaxDepth = 3, [System.Int32]$Depth = 0 ) $Depth++ if ($Depth -le $MaxDepth) { try { $Subfolders = Get-ChildItem -path $Path -Directory -ErrorAction stop foreach ($SubFolder in $SubFolders) { Write-Host $Subfolder.FullName -BackgroundColor Green (Get-Acl $Subfolder.FullName).Access | Where { $_.identityreference.value -notmatch $ACLExcludes } | foreach { Write-Host $_.identityreference.value } Get-MyChildItem -Path $SubFolder.FullName -Depth $Depth -MaxDepth $MaxDepth } } catch { Write-Host "An error occurred for folder" $SubFolder.FullName ":" $_ -BackgroundColor Red } } } $RootFolder = "C:\ROOTFOLDER" $ACLExcludes = "BUILTIN","NT AUTHORITY","CREATOR OWNER" Get-MyChildItem -Path $RootFolder -MaxDepth 2