We Keep Coding

Export list of folders from shared drives on network

Hopefully this is a quick and easy process.
I need to build a tree (using powershell) of our network folders for auditing perposes.
I am wanting to start at the top level, root folder and encompass everything that falls under it. I know it will take a long time but that is okay with me.
I have full permissions on the root drive and inherency is turned on so there should be no folder permission errors.
I would like to export the tree to a .csv to look like this
Folder Name Folder Path
Folder1 \root\path\folder1
Folder2 \root\path\folder2
Here is what I have so far:
$path = "root\path\folder"
$reportPath = "C:\scripts
Get-ChildItem $Path -Recurse -Directory | Select-object psPath,psChildName | Export-CSV -path $reportPath
This gives me the results I am looking for but I get the dreaded "Microsoft.PowerShell.Core\FileSystem::" in the PSPath.
Does anyone know what I need to add in to hide that precursor to the pathway?

FullName is probably the property you're after. And if you want to have the CSV properties say "Folder Name" and "Folder Path" you can either use calculated properties with Select-Object or create your own object in a foreach-object loop.
Get-ChildItem $Path -Recurse -Directory |
Select-object #{n='Folder Name';e='Name'},#{n='Folder Path';e='FullName'} |
Export-Csv -path $reportPath -NoTypeInformation
or
Get-ChildItem $Path -Recurse -Directory | ForEach-Object {
[PSCustomObject]#{
'Folder Name' = $_.Name
'Folder Path' = $_.FullName
}
} | Export-Csv -path $reportPath -NoTypeInformation

Powershell, Get access rights of shared files, format output?

I have some shared files set up for me for testing purposes, on a Windows Server 2016.
My given task is to get all the users, and their access rights to there shared files/folders.
I get the shared files with
Get-SmbShare | Select-Object -Property Name, Path
What I think I should do, is passing each share's path into
Get-Acl
So I came up with this:
$shares = Get-SmbShare | Where-Object Name -notlike "*$" | Select-Object Name
foreach ($share in $shares){
$path = "\\$env:COMPUTERNAME\" + $share.Name.ToString()
$FolderPath = dir -Directory -Path $path -Recurse -Force
Foreach ($Folder in $FolderPath) {
$Acl = Get-Acl -Path $Folder.FullName
foreach ($Access in $acl.Access)
{
$Folder.FullName;
$Access.IdentityReference;
$Access.FileSystemRights;
$Access.IsInherited
}
}
}
My question is: How could I format this output, so it looks readable, and/or is there a simpler, maybe cleaner to do what I intend to do?

Removing ALL user object permissions form ACL / Folder structure

I want to remove ALL AD User objects from a directory/folder security.
So, this maybe a stupid post and i appologise if it is...but basically i want to recurse through a directoery and remove all user objects from permissions. Folder permissions should be secured using groups, buit occasionally there are user onjects directly being added to folders breaking the rules. I've got a simple little script that works great for specific users, but i'm having trouble setting this to use a variable, eg all domain user accounts. If i specify the $user variable as an AD search for instance it just doesnt work, eg $USER = 'Get-ADuser -filter * -Server 'DOMAIN -properties SamAccountName | Select SamAccountName
I'm assumign this doesnt like the variable field set this way. Any help or advise much appreciated. Thanks.
$filepath = 'C:\Temp\ACLTesting'
$user = 'DOMAIN\USER'
Get-ChildItem $filePath -Recurse -Directory | ForEach-Object {
$acl = Get-Acl -Path $_.FullName
$acl.Access | Where-Object {
$_.IdentityReference.Value -eq $user
} | ForEach-Object {
$acl.RemoveAccessRule($_) | Out-Null
}
Set-Acl -Path $_.FullName -AclObject $acl
}
Unfortunately still cant get this to work using user variables... am i missing something or is this not a possible function? Thanks....
Putting this to one side for now as still cant get it to work and other things have cropped up to look at. Will revisit this at somepoint though. Any suggestions always welcome. Thanks.

Slightly modifying what you posted, try this …
$filepath = 'C:\Temp\ACLTesting'
$DomainUsers = (Get-ADUser -Filter *).SamAccountName
ForEach ($DomainUser in $DomainUsers)
{
Get-ChildItem $filePath -Recurse -Directory |
ForEach-Object {
$acl = Get-Acl -Path $_.FullName
$acl.Access |
Where-Object {
$_.IdentityReference.Value -eq $DomainUser
} |
ForEach-Object {
$acl.RemoveAccessRule($_) | Out-Null
}
Set-Acl -Path $_.FullName -AclObject $acl
}
}

Export to CSV using PowerShell 2.0?

I have the following code that prints the file system rights of each account enabled on the folder with path "C:\Temp\CSM\*" & "C:\Temp\CSM\*\*" . How do I write the output in a comma-separated CSV? As this is for PowerShell 2.0 Export-Csv -Append parameter cannot be used.
$FolderPath = dir -Directory -Path "C:\Temp\CSM\*", "C:\Temp\CSM\*\*" -Force
foreach ($Folder in $FolderPath) {
$Acl = Get-Acl -Path $Folder.FullName
foreach ($Access in $acl.Access) {
Write-Host $Folder.FullName "," $Access.IdentityReference "," $Access.FileSystemRights
}
}

Prior to PowerShell v3 if you wanted to append to an existing CSV you need something like this:
... | ConvertTo-Csv -NoType | Select-Object -Skip 1 | Add-Content
However, in your scenario that probably isn't necessary. If you replace your foreach loops with a pipeline you can write the CSV in one go without having to append to it in a loop (which isn't recommended anyway).
$folders = "C:\Temp\CSM\*", "C:\Temp\CSM\*\*"
Get-ChildItem -Path $folders -Directory -Force | ForEach-Object {
$path = $_.FullName
Get-Acl -Path $path |
Select-Object -Expand Access |
Select-Object #{n='Path';e={$path}}, IdentityReference, FileSystemRights
} | Export-Csv 'C:\output.csv' -NoType

Recurse a limited amount of folders

I have the following snippet of code from a script, used in order to get the NTFS permissions on file shares.
if ($ComputerName -eq '.'){
$Path = $Folder
}
else {
$Path = "\\$ComputerName\$Folder"
}ls
if ($OutputFile){
Get-Childitem $Path -Recurse:$Recurse | ForEach-Object {Get-Acl $_.FullName} | Select-Object #{Name="Path";Expression={$_.PSPath.Substring($_.PSPath.IndexOf(":")+2) }},#{Name="Type";Expression={$_.GetType()}},Owner -ExpandProperty Access | Export-CSV $OutputFile -NoTypeInformation
}
else{
Get-Childitem $Path -Recurse:$Recurse | ForEach-Object {Get-Acl $_.FullName} | Select-Object #{Name="Path";Expression={$_.PSPath.Substring($_.PSPath.IndexOf(":")+2) }},#{Name="Type";Expression={$_.GetType()}},Owner -ExpandProperty Access | Format-Table -AutoSize
}
At the moment when I run this I am able to generate a report on the NTFS permissions, however I would like to make the code recurse one extra folder deeper in a file share. My problem however is I only know of methods to completely recurse through all folders or get the current folders in a path.
For example assume I had a folder called 'test' and inside of test there were two other folders called 'temp1' and 'temp2', with there being one more folder inside of temp2 called 'extra.' I'd want it to get the NTFS permissions for 'test' and then go one level farther and report permissions for 'temp1' and 'temp2,' but I would not want it to get 'extra.'
EDIT:
if ($OutputFile){
gci c:\|%{if($_.PSIsContainer){GCI $_.FullName|get-acl};$_|get-acl}|Select-Object #{Name="Path";Expression={$_.PSPath.Substring($_.PSPath.IndexOf(":")+2) }},#{Name="Type";Expression={$_.GetType()}},Owner -ExpandProperty Access | sort PSParentPath|Export-CSV $OutputFile -NoType
}

You can manually recurse 1 level easily enough. Try this on for size:
if ($ComputerName -eq '.'){
$Path = $Folder
}
else {
$Path = "\\$ComputerName\$Folder"
}ls
if ($OutputFile){
gci c:\|%{if($_.PSIsContainer){GCI $_.FullName|get-acl};$_|get-acl}|sort PSParentPath|Export-CSV $OutputFile -NoType
}
else{
gci c:\|%{if($_.PSIsContainer){GCI $_.FullName|get-acl};$_|get-acl}|sort PSParentPath|FT -Auto
}

Something like this will go down to a depth of one folder
Get-Childitem $path | %{get-childitem -path $_.fullname}