Ever need to quickly determine the ACL for a user in a folder and you wanted to do it in PowerShell? If so, you've realized it's not as easy as clicking on the folder properties and selecting the security tab.
The below function will check the input folder and user/group for full access to the target folder.
Usage is check-folder FOLDER USER
The script will then check the folder and see the rights. If the rights are not full control, it will set the value of $access to True. You can then use the value to do something.
function check-folder
# checks to see if the folder passed to it has full permissions
# granted for the builtin\users group.
# returns True if this is the case.
#
# Usage: check-folder "folder"
{
param($folder,$user)
$script:access=""
$acl=get-acl $folder
foreach ($accessrule in $acl.access)
{
if (($accessrule.identityreference -eq "$user") -and
($accessrule.filesystemrights -eq "FullControl"))
{
$script:access="True"
}
}}
Example:
Check-Folder c:\work "builtin\users"
if ($access -eq true)
{
write "Hey, $user has access to the $folder"
}
No comments:
Post a Comment