Dear Friends,
I want to query groups and permissions on certain file share path using the powershell script below.
It is currently working and giving the correct output.
[CmdletBinding()]
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
$FullPath,
[Parameter(Mandatory = $false)]
$Base64Encoded = $false
)
# Change path to the script location
$ScriptPath = $MyInvocation.MyCommand.Path
$CurrentDir = Split-Path $ScriptPath
Push-Location $CurrentDir
If ($Base64Encoded)
{
$FullPath = [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($FullPath))
}
"$([System.Datetime]::Now.ToString("dd/MM/yy HH:mm:ss")) I am run" | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt"
$Output = ""
Write-Verbose "Querying permissions applied on $FullPath ..."
Try
{
$env:UserName | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt"
$FullPath | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt"
$Acl = (Get-Acl -Path $FullPath).Access | Select IdentityReference,FileSystemRights | Where-Object {($_.IdentityReference -ne "BUILTIN\Administrators") -and ($_.IdentityReference -ne "NT AUTHORITY\Authenticated Users") -and ($_.IdentityReference -ne "BUILTIN\Power Users") -and ($_.IdentityReference -ne "BUILTIN\Backup Operators")}
If ($Acl -ne $null)
{
$Groups = $Acl.IdentityReference,$Acl.FileSystemRights
Write-Verbose "Groups found: $($Groups -join ';')"
Foreach ($Group in $Groups)
{
If (($Group -ne "BUILTIN\Administrators") -or ($Group -ne "NT AUTHORITY\Authenticated Users") -or ($Group -ne "BUILTIN\Power Users") -or ($Group -ne "BUILTIN\Backup Operators"))
{
If ($Output -eq "")
{
$Output = $Group -replace "\\D","\G"
}
Else
{
$Output = $Output + ";" + ($Group -replace "\\D","\G")
}
}
}
}
}
Catch
{
Write-Host "An error occurred while querying file share permissions."
Write-Host ($_ | ConvertTo-Json)
}
Write-Output $Output
$Output | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt"
This is the actual output.
Domain\ADM_HOU_DataOp
Domain\G HOU GOMDW Dev Admin
Domain\G GOM Resource Data Management RW
Domain\G GoM Resource AREA RO
;
FullControl
FullControl
Modify, Synchronize
ReadAndExecute, Synchronize
This is the intended output.
Domain\ADM_HOU_DataOp FullControl
Domain\G HOU GOMDW Dev Admin FullControl
Domain\G GOM Resource Data Management RW Modify, Synchronize
Domain\G GoM Resource AREA RO ReadAndExecute, Synchronize
Any help provided will be much appreciated.
Thank you in advanced.
