PowerShell Check ACL on Sub-Folders

    #Script that searches each sub folder's access list direct members.
        
        #Searching multiple folders to see if a Group / User is included on a folders ACL
        #Does Not Search for Users nested in Groups
        
        #------------ Parent Folder Name ----------------

        $FolderList=Get-ChildItem C:\
        
        
   
    #Da Loop
        foreach ($Folder in $FolderList) {
        
     
  #Pulls the full ACL for each sub folder of $FolderList and makes it into 1 long string --------
        $MyChecker = get-acl "C:\$Folder" | select AccesstoString -ExpandProperty Accesstostring 
        
        

          #---------------Add the users ID or the Group Name After the -like -------------------------
          #---------------This example searches the string returned on the ACL query -----------------
          #---------------Note: also can change from -Like to -NotLike to see where ------------------
          #---------------the user/group is not on a folders ACL--------------------------------------

          $SearchforString="Administrators"
        
     
      #See if Instring---------------------
            if($MyChecker -like "*$SearchforString*")
            {
            write-host "$SearchforString - User/Group Exists on Folder ACL - C:\$Folder" 
            }
        }    
        

  
        
        

2020 | Scott W. Head  |  Sr. Systems Admin | Certified Microsoft Windows Server Administrator