Command to list single users that have special permissions to folders and sub

Hi,

For now i have following:

get-childitem \xxxxxfps001\Applications | where {get-aduser -filter {telephonenumber -like “*”}} | where{$.psiscontainer} | foreach-object { get-acl $.fullname | select path,owner,accesstostring}

It kinda works - but is pretty slow. I want to list on single users (thats why i was using telephone as filter - as groups and special users dont have it).

Any other idea how to do it efficiently?

Hi,

you can try running it like this:

$users = (get-aduser -filter {telephonenumber -like “*”}).sAMAccountName
get-childitem \xxxxxfps001\Applications | where{$.psiscontainer} | get-acl | where {$.Owner.split('')[1] -iin $users}

if you have users from multiple domains you check the ACL owner domain as well. i used the split function here to get only the username without the domain.

It shows me this error:

Unexpected token ‘iin’ in expression or statement.
At line:1 char:110

Unexpected token ‘users’ in expression or statement.
At line:1 char:114

That’s a type-o. Should be “-in” not “-iin”, without the “” of course.

$users = (get-aduser -filter {telephonenumber -like “*”}).sAMAccountName
get-childitem \xxxxxfps001\Applications | where{$.psiscontainer} | get-acl | where {$.Owner.split('')[1] -in $users}
You must provide a value expression on the right-hand side of the ‘-’ operator.
At line:3 char:110

Unexpected token ‘in’ in expression or statement.
At line:3 char:111

Unexpected token ‘users’ in expression or statement.
At line:3 char:114

Something still wrong

$psversiontable.PSVersion.Major -eq 2 ?

try to use $users -contains $.Owner.split('')[1] instead of $.Owner.split('')[1] -in $users