I’m trying to write a script so that if a certain user has too many permissions on it, it deletes it out of the folder…the issue is it’s currently also removing all the audits that exist on the folder…
Below is a snippet of the function:
```powershell
foreach($acl in (get-acl $path).access | ?{$_.identityreference -eq $user} | ? {$_}) {
    if($acl.filesystemrights -notmatch $permissions) {
        try {
            $x = (get-item -force $path).GetAccessControl('Access')
            $x.removeaccessruleSpecific($acl)
            set-acl $path -aclobject $x -erroraction stop
        }
        catch {
            $badgrab+=@("$user is a general user with improper permissions")
        }
    }
}
```
On the set-acl it wipes the existing audits…is there a way to remove/set an ACL without deleting the audits?
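One way to remove the access rules while leaving the audit rules (SACL) in place, as an added example that is not part of the original post: write the change back with the item's own `SetAccessControl` method instead of `Set-Acl`. It assumes Windows PowerShell on .NET Framework, where `GetAccessControl`/`SetAccessControl` exist on the item as the snippet above already relies on; `Remove-UserAccessRule` is a hypothetical helper name and the path and account in the usage comments are constructed.

```powershell
# Added example (not the poster's code). Remove-UserAccessRule is a hypothetical name.
function Remove-UserAccessRule {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$User,        # e.g. 'DOMAIN\name'
        [Parameter(Mandatory)][string]$Permissions  # regex of rights that are acceptable
    )

    $item = Get-Item -Force -LiteralPath $Path

    # Read only the DACL section; owner, group and SACL are not loaded.
    $sections = [System.Security.AccessControl.AccessControlSections]::Access
    $acl = $item.GetAccessControl($sections)

    $removed = 0
    foreach ($rule in @($acl.Access)) {
        # Inherited rules belong to the parent folder and are left alone.
        if ($rule.IsInherited) { continue }
        if ($rule.IdentityReference.Value -ne $User) { continue }

        # Same test as the original snippet: rights outside the allowed pattern.
        if ($rule.FileSystemRights -notmatch $Permissions) {
            $acl.RemoveAccessRuleSpecific($rule)
            $removed++
        }
    }

    if ($removed -gt 0 -and
        $PSCmdlet.ShouldProcess($Path, "Remove $removed access rule(s) for $User")) {
        # SetAccessControl persists only the sections that were modified on the
        # object (here the DACL), so the existing audit rules are not rewritten.
        $item.SetAccessControl($acl)
    }

    $removed   # number of explicit rules removed
}

# Constructed usage: compare audit entries before and after the change.
# Reading audit rules with -Audit needs an elevated session.
# $before = (Get-Acl -LiteralPath 'D:\Share\Projects' -Audit).Audit.Count
# Remove-UserAccessRule -Path 'D:\Share\Projects' -User 'CONTOSO\jdoe' -Permissions 'Read'
# $after  = (Get-Acl -LiteralPath 'D:\Share\Projects' -Audit).Audit.Count
# if ($before -ne $after) { Write-Warning "Audit rule count changed: $before -> $after" }
```

Running it with `-WhatIf` first reports how many rules would be removed without writing anything to the folder.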