Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Get ACL of all folders in shares

Tags:

powershell

powershell-4.0

Have script that pulls the ACL of all of the folders in network shares on my my server (minus admin shares). Seems to work but the output is giving me some numbers rather than the permissions and I don't understand what the number means and better yet how do I translate them to regular permissions (FC, RO, etc.)

$shares = Get-SmbShare | Where-Object Name -notlike "*$" | Select-Object Name

$Report = @()
foreach ($share in $shares){
   $path = "\\$env:COMPUTERNAME\" + $share.Name.ToString()
   $FolderPath = dir -Directory -Path $path -Recurse -Force
   Foreach ($Folder in $FolderPath) {
      $Acl = Get-Acl -Path $Folder.FullName
      foreach ($Access in $acl.Access)
      {
         $Properties = [ordered]@{
            'FolderName'=$Folder.FullName;
            'ADGroup or User'=$Access.IdentityReference;
            'Permissions'=$Access.FileSystemRights;
            'Inherited'=$Access.IsInherited}
         $Report += New-Object -TypeName PSObject -Property $Properties
      }
   }
}
$Report | Export-Csv -path "C:\temp\FolderPermissions.csv"

Here is some of the output that I get (trimmed a bit to keep it short)

"FolderName","ADGroup or User","Permissions","Inherited"
"\\WIN-RPK9O6GR3JM\foobar\STE","NT AUTHORITY\SYSTEM","FullControl","True"
...
"\\WIN-RPK9O6GR3JM\foobar\STE","CREATOR OWNER","268435456","True"
"\\WIN-RPK9O6GR3JM\foobar\STE\LOG","BUILTIN\Users","CreateFiles","True"
"\\WIN-RPK9O6GR3JM\foobar\STE\LOG","CREATOR OWNER","268435456","True"
...
"\\WIN-RPK9O6GR3JM\foobar\STE\TMP","BUILTIN\Users","CreateFiles","True"
"\\WIN-RPK9O6GR3JM\foobar\STE\TMP","CREATOR OWNER","268435456","True"
...
"\\WIN-RPK9O6GR3JM\SYSVOL\foobar.net","NT AUTHORITY\Authenticated Users","-1610612736","True"
...
"\\WIN-RPK9O6GR3JM\SYSVOL\foobar.net","BUILTIN\Administrators","-536084480","True"

If anyone can explain or point me in the right direction on what these values are and how I translate them I would be most grateful.

TIA!

like image 707
Jose Cintron Avatar asked Dec 09 '25 05:12

Jose Cintron

1 Answers

This is so far I have gotten to help you out: 

268435456 - FullControl

-536805376 - Modify, Synchronize

-1610612736 - ReadAndExecute, Synchronize

But go through the links to relate all of them :

Link 1

Link 2

Link 3

Hope it helps you.

like image 150
Ranadip Dutta Avatar answered Dec 11 '25 21:12

Ranadip Dutta
Sign in to Comment

Related questions

Powershell gives Get-Content : Exception of type 'System.OutOfMemoryException' was thrown
How to match multiple strings with Where-Object/Wildcards?
PowerShell function $input parameters
Discord.py install failed on Windows 10 (Python 3.9, log included)
How do I make use of New-ScriptFileInfo PrivateData?
Copy files to FTP and archive with today's date
Implement own method with multiple parameters in PowerShell
PowerShell 5 class: Import module needed for type
Powershell : sort xml by elements by child node value
Change Language and Regional settings on Windows
Batching data before passing through the pipeline
Python readlines() not working with .txt file generated from Powershell [duplicate]
How do I run C++ program in Powershell, just like CMD?
How to exit chocolatey installation if a condition is not met?
Getting System.IO.IOException on File.Encrypt with an impersonated user
How to determine if a function has been called in Powershell

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!