How to gather unique directory name and then export as CSV or Out-GridView?

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 3 years and 6 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
ITEngineer
Posts: 216
Last visit: Thu Mar 23, 2023 5:45 pm
Has voted: 4 times

How to gather unique directory name and then export as CSV or Out-GridView?

Post by ITEngineer »

Hi Everyone,

The below script is working fine to list all explicitly defined ACL in my file server directories with the below specific exclusion pattern.

Code: Select all

    'NT AUTHORITY\SYSTEM',
    'BUILTIN\Administrators',
    'CREATOR OWNER',
    'Everyone',
    'DOMAIN\SERVICE-AVScan,
    'S-1-5-21'
However, I need some help in the below code to gather and export the unique folder path that has broken ACL, as OGV or CSV file.

The below is my code so far:

Code: Select all

$Excludes = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'CREATOR OWNER', 'Everyone', 'S-1-5-21'
$reExcludeObjects = '^({0})$' -f (($Excludes | ForEach-Object { [regex]::Escape($_) }) -join '|')

function Get-CustomDirInfo([IO.DirectoryInfo]$path, $parentAcl)
{
    $containerInherit = [Security.AccessControl.InheritanceFlags]::ContainerInherit
    $acl = (Get-Acl -Path $path.FullName).Access | Foreach-Object {
        New-Object PSObject -Property @{
            Path = $path.FullName;
            IdentityReference = $_.IdentityReference;
            FileSystemRights = $_.FileSystemRights;
            IsInherited = $_.IsInherited;
            InheritanceFlags = $_.InheritanceFlags;
            InheritedFrom = if ($_.IsInherited)
            {
                if ($parentAcl)
                {
                    $current = $_
                    $parentAce = $parentAcl.Access | Where-Object {
                        ($current.IdentityReference -eq $_.IdentityReference) -and
                        ($current.FileSystemRights -band $_.FileSystemRights) -and
                        ($_.InheritanceFlags -band $containerInherit) -and
                        ($_.IdentityReference -notmatch $reExcludeObjects)
                    }
                    if (!$parentAce -or ($parentAce.count -gt 1))
                    {
                        Write-Warning "Something is not right Parent ACE Count = $($parentAce.count) - $($path.FullName)"
                        #Export the broken direcotries path as unique entries 
                        $BrokenACLDirectories += $path.FullName
                        $BrokenACLDirectories | Select-Object -exp FullName -Unique | OGV -Title "There are $($BrokenACLDirectories.Count) Broken Directories"
                    }
                    if ($parentAce.IsInherited)
                    {
                        $parentAce.InheritedFrom
                    }
                    else
                    {
                        Split-Path $path.FullName -Parent
                    }
                }
                else
                {
                    "Unknown (Top:$($path.FullName))"
                }
            }
            else {
                "Not Inherited"
            }
        }
    }
    
    $acl
    $inheritableAcl = $acl | Where-Object { $_.InheritanceFlags -band $containerInherit }
    $path.FullName | Get-ChildItem | Where-Object { $_.PsIsContainer } | Foreach-Object { Get-CustomDirInfo $_ $inheritableAcl }
}

Get-CustomDirInfo (Get-Item C:\Users\Public) | ft Path, IdentityReference, FileSystemRights, IsInherited, InheritedFrom -Auto
This is the error in my IDE with the above code:
Image

I need some help in this section of the code:

Code: Select all

if (!$parentAce -or ($parentAce.count -gt 1))
                    {
                        Write-Warning "Something is not right Parent ACE Count = $($parentAce.count) - $($path.FullName)"
                        #Export the broken direcotries path as unique entries 
                        $BrokenACLDirectories += $path.FullName
                        $BrokenACLDirectories | Select-Object -exp FullName -Unique | OGV -Title "There are $($BrokenACLDirectories.Count) Broken Directories"
                    }
Thank you in advance.
/* IT Engineer */
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: How to gather unique directory name and then export as CSV or Out-GridView?

Post by jvierra »

Sorry but it is not possible to understand what you are trying to do.

ACEs do not have file names or paths. You would have to create custom objects for that.
User avatar
ITEngineer
Posts: 216
Last visit: Thu Mar 23, 2023 5:45 pm
Has voted: 4 times

Re: How to gather unique directory name and then export as CSV or Out-GridView?

Post by ITEngineer »

jvierra wrote: Tue Sep 15, 2020 3:46 pm Sorry but it is not possible to understand what you are trying to do.

ACEs do not have file names or paths. You would have to create custom objects for that.
Hi Mr. Vierra,

What I'm trying to do is to gather the lists of broken ACL directories name (unique) into .CSV or OGV when possible.
/* IT Engineer */
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: How to gather unique directory name and then export as CSV or Out-GridView?

Post by jvierra »

I don't understand why that is an issue? Just output them to a CSV using "Export-Csv".
This topic is 3 years and 6 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked