Hi,
I need some advice for my script. It gets a directory list and for each directory it checks teh ACL to try and find a match for an item in $groups array. Any matches are written/exported.
- For my function getDirectories I am using += to add to the array $Directs. This is fine for testing but I have read that using += for large arrays is a big no no. I am looking at about 230,000 directories.
- My output at the end of script line46, is (Write-Host $dir","$identity","$filerights","$inheritance). This shows be I am getting the correct out. But how do I write each of these lines to an array and later export the whole thing to a csv? I don't really understand the create new $obj threads I have been reading online.
- Finally, I'm pretty sure that reading each directory to get the path first, and then go back and read each directory to get the ACL is not a good idea and I should be getting what I want on the first pass. As I am learning had to make each separate to check they worked and now I don't know how to join them up. Is the function even necessary?
Any advice is appreciated. Thanks.
$stopwatch= [system.diagnostics.stopwatch]::StartNew()
$stopwatch.Start()
$groups= @("users", "Simon", "Administrat", "citadel")
# Change the starting directory below.
$Start="\\CITADEL\Users\Simon\Documents"
function getDirectories($Start){
$Directs=@()
$d=Get-ChildItem-Path$Start-Recurse-Directory-force | select fullname, name, parent
foreach ($ddin$d){
$path= ($dd.fullname).ToString()
$name= ($dd.Name).toString()
$parent= ($dd.Parent).ToString()
#how to add $name and $parent aswell?
$Directs+=$path
}
return$Directs
}
$directories= getDirectories($Start)
#Write-Host ==============================================================
#$directories
#$directories.count
#Write-Host ==============================================================
# Loop through each of the directories.
foreach($dirin$directories){
$ACL=Get-Acl$dir | select -ExpandProperty Access
foreach($entryin$ACL){
# Convert to string and strip out anything before and including the "\". Removes "BUILTIN\", "NT AUTHORITY\" etc
$identity= (($entry.IdentityReference).tostring() -replace'^[^\\]*\\', '')
$inheritance=$entry.IsInherited
# Convert to string and strip out the Synchronize. ex."FileSystemRights : ReadAndExecute, Synchronize"
$filerights= (($entry.FileSystemRights).ToString() -replace', Synchronize', '')
# Try and match the Identity to an item in $groups
if ($groups-match$identity){
#if there is a match record it.
#output to array.
Write-Host $dir","$identity","$filerights","$inheritance
# FINAL OUTPUT TO CSV SHOULD BE:
# $name , $parent , $path , $identity , $filerights , $inheritance
}
}
}
$directories.count
Write-host"Stopwatch :"$stopwatch.Elapsed
$stopwatch.Reset()
$stopwatch.Start()
$groups= @("users", "Simon", "Administrat", "citadel")
# Change the starting directory below.
$Start="\\CITADEL\Users\Simon\Documents"
function getDirectories($Start){
$Directs=@()
$d=Get-ChildItem-Path$Start-Recurse-Directory-force | select fullname, name, parent
foreach ($ddin$d){
$path= ($dd.fullname).ToString()
$name= ($dd.Name).toString()
$parent= ($dd.Parent).ToString()
#how to add $name and $parent aswell?
$Directs+=$path
}
return$Directs
}
$directories= getDirectories($Start)
#Write-Host ==============================================================
#$directories
#$directories.count
#Write-Host ==============================================================
# Loop through each of the directories.
foreach($dirin$directories){
$ACL=Get-Acl$dir | select -ExpandProperty Access
foreach($entryin$ACL){
# Convert to string and strip out anything before and including the "\". Removes "BUILTIN\", "NT AUTHORITY\" etc
$identity= (($entry.IdentityReference).tostring() -replace'^[^\\]*\\', '')
$inheritance=$entry.IsInherited
# Convert to string and strip out the Synchronize. ex."FileSystemRights : ReadAndExecute, Synchronize"
$filerights= (($entry.FileSystemRights).ToString() -replace', Synchronize', '')
# Try and match the Identity to an item in $groups
if ($groups-match$identity){
#if there is a match record it.
#output to array.
Write-Host $dir","$identity","$filerights","$inheritance
# FINAL OUTPUT TO CSV SHOULD BE:
# $name , $parent , $path , $identity , $filerights , $inheritance
}
}
}
$directories.count
Write-host"Stopwatch :"$stopwatch.Elapsed
$stopwatch.Reset()