So I am auditing a file share and need to make some permission changes. However some folders don't inherit permissions from the parent folder (I can't change this) so setting permissions will have to occur on the individual folders.
I have this code which sorta works (it dumps all the ACL's so I have multiple entries in my output file). Is there an alternative method which works better to find this information?
$OutFile = "C:\Reports\report.csv"
$Header = "Folder Path,IsInherited,InheritanceFlags,PropagationFlags"
Add-Content -Value $Header -Path $OutFile
$Path = "\\fileserver\share\"
$Folders = dir $Path -recurse | where {$_.PSIsContainer -eq $true}
Foreach ($Folder in $Folders){
$ACLs = get-acl $Folder.fullname | ForEach-Object { $_.Access }
Foreach ($ACL in $ACLs){
if ($ACL.IsInherited -eq $false){
$OutInfo = $Folder.Fullname + "," + $ACL.IsInherited + "," + $ACL.InheritanceFlags + "," + $ACL.PropagationFlags
Add-Content -Value $OutInfo -Path $OutFile
}}}
Next, once I have this information, is it possible to use a PowerShell script to add a user or group to those folders which have blocked inheritance?
Thank you.