How to augment this to also list the security groups assigned to the folders? RRS feed

  • General discussion

  • Hi,

    I have this PS script to list all folders that have specific security groups (FG_Biosas_Legacy_*) assigned to them.  How could I make it also list the specific security group assigned to each folder?

    foreach($folder in $folders) {
      $ACL = Get-Acl -Path $folder.FullName }
      if (($args.Count) -eq 2) {
     $dir = $args[0]
     if ((Test-Path $dir) -eq $true) {
      $script:FoldersFound = New-Object System.Collections.ArrayList
      $GroupName = $args[1]
      $folders = Get-ChildItem $dir -Recurse | Where-Object {$_.PSIsContainer}
      foreach($folder in $folders) {
       $i++; Write-Progress -activity "Scanning folders" -status "Percent scanned: " -percentComplete (($i / $folders.length) * 100)
       $ACL = Get-Acl -Path $folder.FullName
       foreach($ACE in $ACL.access) {
        if (($ACE.IdentityReference) -like "*\$GroupName") {
         if (($ACE.IsInherited) -eq $false) {
          $FoldersFound.Add($folder.FullName) | Out-Null
      foreach($folder in $FoldersFound) {
       Write-Host $folder
    } else {
     Write-Host "Syntax:" $MyInvocation.MyCommand.Name """path""" """Group Name"""

    Thanks in advance for any help with this!

    • Changed type Bill_Stewart Tuesday, May 30, 2017 8:21 PM
    • Moved by Bill_Stewart Tuesday, May 30, 2017 8:21 PM This is not "scripts on demand"
    Monday, April 24, 2017 2:17 PM

All replies

  • Whoever wrote this script seems to be missing some PowerShell basics.

    For example -- if (($args.Count) -eq 2) -- there's no need for that. Declare and use proper parameters, and you can even use comment-based help to document them.

    I would ask whoever wrote the script to assist you. Unfortunately this isn't the right place to paste a "code dump" and ask others to figure out what you mean and update the script to match your mental specifications.

    -- Bill Stewart [Bill_Stewart]

    Monday, April 24, 2017 2:48 PM
  • I did copy it from somewhere, and I don't know how to code myself.  Sorry for the code dump.  May I start over then and ask - How can I generate a list of all folders with security group x assigned so that the output lists the folders and the associated SGs?
    Monday, April 24, 2017 4:02 PM
  • "How can I" - Unfortunately, this is not a "script on request" forum but a forum where we answer specific scripting questions.

    Since you don't know where to start, the fastest way to get an answer would be to use a pre-written tool that can do this for you. One that comes to mind is DumpSec.

    -- Bill Stewart [Bill_Stewart]

    Monday, April 24, 2017 4:13 PM