In our network we have changed companies and have migrated to a new domain using the new company name. There is a two way trust between the two domains. We have cases where we have folder permissions that contain groups and users from both the new domain (domain1) and the old domain (domain2).
For example on folder A that sits on a server in Domain1 the ACL list may look like
Domain1\Domain Admins
Domain2\Domain Admins
Domain1\Group1
Domain2\User3
Domain2\User1
Domain2\Domain Users
If I run
get-acl path |select -ExpandProperty Access
any groups or users in Domain2 that are not a Built in group and also have a similar named account in Domain1 will show as Domain1\User3 instead of Domain2\User3
I am wondering if anyone else is having this issue. My end goal is to remove all permission entries for the old domain (domain2) so I have built a script to query each folder and list the permissions then any that begin with Domain2\* are to be removed by the script. Get-acl is reporting a lot of entries as incorrectly beginning with Domain1 instead of Domain2 so will not be picked up in my script.
Many Thanks in advance