PowerShell Script Help.....

by sqldba20 at 2012-10-24 07:49:01

Folks:

I need help with a PowerShell script to loop. I have the following subfolders under the Client folder (BFA, APHA, MLFE…) and we will be adding more later as and when new clients are added.

\SERVERNAME1\Clients\BFA<br>\SERVERNAME1\Clients\APHA<br>\SERVERNAME1\Clients\MLFE<br>\SERVERNAME1\Clients\PRUD<br>\SERVERNAME1\Clients\EMG<br>\SERVERNAME1\Clients\BOUG<br>\SERVERNAME1\Clients\MARK<br>
I have a powershell script to which we provide the path (path is hardcoded) of the folder and then it gets us the permissions on the folders. The script is working great but everytime a new folder is added under \SERVERNAME1\Clients\ I have to modify the script to include the new folder. What I want is, that the script get the sub-folder under ‘\SERVERNAME1\Clients’ using powershell and pass it on to the script and get me the output for all the sub-folders under ‘Clients’. Any help on this is appreciated.

Get-childitem \SERVERNAME1\Clients\BFA\ | where{$.psiscontainer} |
Get-Acl | % {
$path = $
.Path
$.Access | % {
New-Object PSObject -Property @{
Folder = $path.Replace(“Microsoft.PowerShell.Core\FileSystem::”,"")
Access = $
.FileSystemRights
User = $.IdentityReference
}
}
} | ? {-not $
.Inheritance}



Thanks !
by Klaas at 2012-10-24 07:54:58
I’m not sure I understand your problem correct.
Do you mean something like this:
Get-childitem -recurse \SERVERNAME1\Clients\ -directory |
?
by sqldba20 at 2012-10-24 08:15:32
I’m sorry I was not very clear.

What I want is that the sub-folder name under \SERVERNAME1\Clients\ be passed as a parameter so that whenever a new sub-folder is added under \SERVERNAME1\Clients\ I don’t have to open my script to add a new entry for the sub-folder. Here is how I do it now:


Get-childitem \SERVERNAME1\Clients\BFA\ | where{$.psiscontainer} |
Get-Acl | % {
$path = $
.Path
$.Access | % {
New-Object PSObject -Property @{
Folder = $path.Replace(“Microsoft.PowerShell.Core\FileSystem::”,"")
Access = $
.FileSystemRights
User = $.IdentityReference
}
}
} | ? {-not $
.Inheritance}


Get-childitem \SERVERNAME1\Clients\APHA\ | where{$.psiscontainer} |
Get-Acl | % {
$path = $
.Path
$.Access | % {
New-Object PSObject -Property @{
Folder = $path.Replace(“Microsoft.PowerShell.Core\FileSystem::”,"")
Access = $
.FileSystemRights
User = $.IdentityReference
}
}
} | ? {-not $
.Inheritance}


Get-childitem \SERVERNAME1\Clients\MLFE\ | where{$.psiscontainer} |
Get-Acl | % {
$path = $
.Path
$.Access | % {
New-Object PSObject -Property @{
Folder = $path.Replace(“Microsoft.PowerShell.Core\FileSystem::”,"")
Access = $
.FileSystemRights
User = $.IdentityReference
}
}
} | ? {-not $
.Inheritance}


Get-childitem \SERVERNAME1\Clients\PRUD\ | where{$.psiscontainer} |
Get-Acl | % {
$path = $
.Path
$.Access | % {
New-Object PSObject -Property @{
Folder = $path.Replace(“Microsoft.PowerShell.Core\FileSystem::”,"")
Access = $
.FileSystemRights
User = $.IdentityReference
}
}
} | ? {-not $
.Inheritance}
by poshoholic at 2012-10-24 13:42:36
Here’s a modified version of the core logic in your script:
Get-Content C:\pathsToCheck.txt | Get-ChildItem | Where-Object {$.PSIsContainer} | ForEach-Object {
$folder = $

Get-Acl $folder <br> | Select-Object -ExpandProperty Access
| Where-Object {-not $.IsInherited} <br> | Select-Object @&#40;<br> @{<br> Name=&#39;Folder&#39;<br> Expression={$folder.FullName}<br> }<br> @{<br> Name=&#39;Access&#39;<br> Expression={$_.FileSystemRights}<br> }<br> @{<br> Name=&#39;User&#39;<br> Expression={$_.IdentityReference}<br> }<br> &#41;<br>}</code><br>With this version, you can keep all of your paths in a C:\pathsToCheck.txt file, with one path per line and no header line, and the script will retrieve all information from all paths when you run it. This will allow you to get the data you want without having to modify your script.<br><br>Also, I made one other change that I believe corrects something you were trying to do. Your Where-Object segment in the end of the pipeline wasn't doing any filtering of access control entries that are inherited. It seemed with that condition in your script that you wanted any inherited access control entries to be omitted, so I put in a working Where-Object call that applies that filter correctly. If you actually don't want inherited permissions to be filtered out, simply remove that Where-Object condition.<br><br>Note that instead of using Get-Content with a text file, this could be written to accept any path as a parameter, however then you would have to type in the paths that you want to run it against every time. That didn't seem practical for this scenario, which is why I went the route of using a text file. It could also be written to support both, accepting input for ad-hoc invocation while defaulting to the contents of the text file when invoked with no parameters.<br><br>If you have any questions, please don't hesitate to ask.</blockquote>by sqldba20 at 2012-10-25 08:00:21<blockquote>Thanks Kirk for the script. I tried and it is giving me an error. Here is what I did:<br><br>Create a file named pathsToCheck.txt on C drive and added the following 3 paths in the script (there are many but I added only 3 for testing).<br><br>\\SERVERNAME1\Clients\BFA\<br>\\SERVERNAME1\Clients\APHA\<br>\\SERVERNAME1\Clients\MLFE\<br><br>Executed the script you posted and got this error:<br><br><span style="color: #FF0000">Get-Acl : Cannot find path 'Location' because it does not exist.<br>At line:3 char:12<br>+ Get-Acl &lt;&lt;&lt;&lt; $folder
+ CategoryInfo : ObjectNotFound: (:slight_smile: [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand

Get-Acl : Cannot find path ‘Territory’ because it does not exist.
At line:3 char:12
+ Get-Acl <<<< $folder <br> + CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException<br> + FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand<br><br>Get-Acl : Cannot find path 'Accounts' because it does not exist.<br>At line:3 char:12<br>+ Get-Acl &lt;&lt;&lt;&lt; $folder
+ CategoryInfo : ObjectNotFound: (:slight_smile: [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand


Looks like the script goes into each subfolder under \SERVERNAME1\Client\BFA… but not able to find the sub-folder under BFA.
by poshoholic at 2012-10-25 08:57:58
Sorry, I had one mistake that wasn’t apparent because I was in the directory I was testing with. Here’s a corrected version, with the call to Get-Acl corrected to use $folder.FullName instead of just $folder.
Get-Content C:\pathsToCheck.txt | Get-ChildItem | Where-Object {$
.PSIsContainer} | ForEach-Object {
$folder = $
Get-Acl $folder.FullName <br> | Select-Object -ExpandProperty Access
| Where-Object {-not $
.IsInherited} `
| Select-Object @(
@{
Name=‘Folder’
Expression={$folder.FullName}
}
@{
Name=‘Access’
Expression={$.FileSystemRights}
}
@{
Name=‘User’
Expression={$
.IdentityReference}
}
)
}
by sqldba20 at 2012-10-25 09:34:09
This works great. Thanks for all your help.