Hi everyone,
Normally I stick to just reading posts. But today I'm going to change that so that hopefully someone can help me out. I've been using Powershell for a few years but sometimes I don't use it for a few months.
Origin:
We have several different environments where we do changes before we move it to production servers. We've had issues where the ACL on the NTFS Permissions were different on test and production servers. Therefore I would like to get a readable overview of which NTFS permissions are different.
Purpose:
Create a script that outputs the differences between two folder structures that should be the same. And provide an easy readable format so it does not take hours to get to the bottom of it.
Script so far:
Clear-Host
#Set variables
$sourcepath = "P:\Powershell\TestData\Test\"
$targetpath = "P:\Powershell\TestData\TestTarget\"
$logfilename = "C:\Temp\test.log"
#$logfilename = Read-Host "Enter Output File Path and Name e.g. C:\Temp\test.txt"
$date = Get-Date
#-------------------------Do not edit under this line-----------------------------------
#Place Headers on output file
$list = "Comparing permissions for directories $sourcepath with $targetpath" | format-table | Out-File "$logfilename"
$datelist = "Report Run Time: $date" | format-table | Out-File -append "$logfilename"
$spacelist | format-table | Out-File -append "$logfilename"
#Get the ACL's of all folders in the source and target directory including subfolders
$sourceacls = Get-ChildItem -LiteralPath $sourcepath -force -recurse | Where-Object {$_.PSIsContainer} | ForEach {Get-ACL -LiteralPath $_.FullName}
$targetacls = Get-ChildItem -LiteralPath $targetpath -force -recurse | Where-Object {$_.PSIsContainer} | ForEach {Get-ACL -LiteralPath $_.FullName}
#$sourceacls | Get-Member -MemberType Properties
$comparison = Compare-Object -ReferenceObject $sourceacls -DifferenceObject $targetacls -Property accesstostring -PassThru | Select-Object path, Accesstostring | Format-List -property @{Label="Path";Expression={Convert-Path $_.Path}}, AccessToString | Out-File -append "$logfilename"
#$comparison | Get-Member -MemberType Properties
#$comparison
LogFile:
Comparing permissions for directories P:\Powershell\TestData\Test\ with P:\Powershell\TestData\TestTarget\
Report Run Time: 08/26/2015 13:59:16
Path : P:\Powershell\TestData\TestTarget\Data
AccessToString : DOMAIN\USER1 Allow ReadAndExecute, Synchronize
DOMAIN\USER2 Allow Modify, Synchronize
BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
Path : P:\Powershell\TestData\Test\Data
AccessToString : DOMAIN\USER2 Allow Modify, Synchronize
BUILTIN\Administrators Allow FullControl
NT AUTHORITY\SYSTEM Allow FullControl
---------------------------------------------------------------------------
Question:
Do you have any suggestions on how to get a better readable format with HTML or something? Also the $comparison seems to have very strange properties that look unusable to me. Because I'd like to filter out the non-domain users.
Thank you for taking the time to read this.