Creating an array of directories

Tagged: 

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of rambog cnonline.net rambog cnonline.net 3 years, 3 months ago.

  • Author
    Posts
  • #12480
    Profile photo of rambog cnonline.net
    rambog cnonline.net
    Participant

    I need to be able to adjust the permissions on a directory. Because the directory tree is quite extensive, I plan on only inspecting and changing the first three layers of a directory. So, a directory will be copied via Robocop (with /E /SEC /MIR switches) and groups will be added to the ACL for the first three layers.

    Now, the first step is to create an array that lists the directories in question. I imagine using something along the lines of Get-Childitem -Path -Recourse -Force|where-object {$_.psIsContainer} but I need to account for the possibility that the top level directory will have no child folders or that they will only be one layer deep. I also need to go at least three layers should it goes that deep. I will not look past three layers as I imaging the program will take quite some time to run.

    Once I have a list of the directories, I want the array to have two more columns- one with the IdentityReference and the other with FileSystemRights. Both of these properties come from Get-ACL |select -expand access. Once I get it populated, I will look for a certain string (those IdentityReference =Domain B) and change it to a IdentityReference for a different group in Domain B. I will not be replacing but adding. Anyway, I will then send this over to set-ACL to add these new groups.

    I am not looking for the program but a good way of stepping through the directories-any ideas would be appreciated.

  • #12481
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    Get-ChildItem accepts wildcards as part of the path, so you can easily generate your list of directories like this:

    function Get-SubDirectories
    {
        [CmdletBinding()]
        param (
            [Parameter(Mandatory)]
            [string]
            $RootFolder,
    
            [uint32]
            $Depth = 1
        )
    
        $path = $RootFolder
        for ($i = 1; $i -le $Depth; $i++)
        {
            $path = Join-Path -Path $path -ChildPath '*'
            Get-ChildItem -Path $path -Directory
        }
    }
    
    Get-SubDirectories -RootFolder  -Depth 3 |
    ForEach-Object {
        $directory = $_
        $acl = $directory | Get-Acl
    
        # ... etc
    }
    
  • #12586
    Profile photo of rambog cnonline.net
    rambog cnonline.net
    Participant

    Dave,
    While it steps through the directories properly -going to a list of three sublayers, the Get-ACL portion only returned what was a very small portion of the acl. I have taken your ideas and the below may yield all the results although I need to identify the directory each entry pertains to.

    function Get-SubDirectories
    {
    [CmdletBinding()]
    param (
    [Parameter(Mandatory)]
    [string]
    $RootFolder,

    [uint32]
    $Depth = 3
    )

    $path = $RootFolder
    $total=@()
    for ($i = 1; $i -le $Depth; $i++)
    {
    $path = Join-Path -Path $path -ChildPath '*'
    $dir=Get-ChildItem -Path $path -Directory
    $total+=$dir
    }
    Write-Output $total
    }

    $acl=Get-SubDirectories -RootFolder "\\NAS\Share\Agency Group Folder" -Depth 3 | Get-ACL |select -expand access

    Write-Output $acl

    Each output item looks like,
    FileSystemRights : FullControl
    AccessControlType : Allow
    IdentityReference : NT AUTHORITY\SYSTEM
    IsInherited : True
    InheritanceFlags : ContainerInherit, ObjectInherit
    PropagationFlags : None

    This is what I am looking for for each directory (three layers deep). I will toy around with trying to get the directory listed with each entry. If you know readily, please advise. Thanks.

You must be logged in to reply to this topic.