{"id":2390,"date":"2012-06-21T11:09:55","date_gmt":"2012-06-21T15:09:55","guid":{"rendered":"http:\/\/jdhitsolutions.com\/blog\/?p=2390"},"modified":"2012-06-21T11:17:05","modified_gmt":"2012-06-21T15:17:05","slug":"get-acl-information-with-powershell","status":"publish","type":"post","link":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/","title":{"rendered":"Get ACL Information with PowerShell"},"content":{"rendered":"

I got a question in the \"Ask Don and Jeff\"<\/a> forum on PowerShell.com that intrigued me. The issue was working with the results of the Get-ACL cmdlet. The resulting object includes a property called Access which is a collection of access rule objects. Assuming you are using this with the file system, these are System.Security.AccessControl.FileSystemAccessRule objects that look like this:<\/p>\n

FileSystemRights : ReadAndExecute, Synchronize
\nAccessControlType : Allow
\nIdentityReference : BUILTIN\\Users
\nIsInherited : False
\nInheritanceFlags : ContainerInherit, ObjectInherit
\nPropagationFlags : None<\/p>\n

If I'm understanding the original problem, the poster wanted to identify folders that had a single non-system entry. That is, a folder where someone added a single entry. It doesn't matter who. So this got me to thinking about a tool that would look at a folder ACL and report on how many access rules were found and then break that count down by system and user. I figured that any rule where the identity reference name included \"Builtin\", \"NT Authority\", \"Everyone\" or \"Creator Owner\" would be considered a system rule. Anything else would be considered a user rule. <\/p>\n

In the console, I could run a command like this:<\/p>\n


\nPS S:\\> get-acl c:\\work | select -expand access | where {$_.identityreference -notmatch \"BUILTIN|NT AUTHORITY|EVERYONE|CREATOR OWNER\"}<\/p>\n

FileSystemRights : FullControl
\nAccessControlType : Allow
\nIdentityReference : SERENITY\\Jeff
\nIsInherited : False
\nInheritanceFlags : None
\nPropagationFlags : None
\n<\/code><\/p>\n

Because I ran this interactively, I know what folder has this potential issue. So the next step is to turn this into a tool that will write ACL summary information to the pipeline. Here's my function, and then I'll explain a few things. The download version includes comment based help.<\/p>\n


\nFunction Get-ACLInfo {<\/p>\n

[cmdletbinding()]<\/p>\n

Param(
\n[Parameter(Position=0,ValueFromPipeline=$True,ValueFromPipelineByPropertyName=$True)]
\n[ValidateScript({Test-Path $_})]
\n[Alias('PSPath','Fullname')]
\n[string[]]$Path=\".\"
\n)<\/p>\n

Begin {
\n Write-Verbose \"Starting $($myinvocation.mycommand)\"<\/p>\n

#create a format file on the fly
\n $xml=@\"
\n
\n
\n
\n
\n JDH.ACLInfo<\/Name>
\n
\n JDH.ACLInfo<\/TypeName>
\n <\/ViewSelectedBy>
\n
\n
\n
\n 50<\/Width>
\n\t\t\t\t\t<\/TableColumnHeader>
\n
\n
\n 8<\/Width>
\n <\/TableColumnHeader>
\n\t\t\t\t\t
\n 9<\/Width>
\n <\/TableColumnHeader>
\n
\n 7<\/Width>
\n <\/TableColumnHeader>
\n <\/TableHeaders>
\n
\n
\n
\n
\n Path<\/PropertyName>
\n <\/TableColumnItem>
\n
\n Owner<\/PropertyName>
\n <\/TableColumnItem>
\n
\n TotalACL<\/PropertyName>
\n <\/TableColumnItem>
\n
\n SystemACL<\/Propertyname>
\n <\/TableColumnItem>
\n
\n UserACL<\/Propertyname>
\n <\/TableColumnItem>
\n <\/TableColumnItems>
\n <\/TableRowEntry>
\n <\/TableRowEntries>
\n <\/TableControl>
\n <\/View>
\n <\/ViewDefinitions>
\n<\/Configuration>
\n\"@
\n #create a temp file
\n $tmpfile=[system.io.path]::GetTempFileName()
\n #add the necessary file extension
\n $tmpfile+=\".ps1xml\"<\/p>\n

#pipe the xml text to the temp file
\n Write-Verbose \"Creating $tmpfile\"
\n $xml | Out-File -FilePath $tmpfile<\/p>\n

<#\n update format data. I'm setting error action to SilentlyContinue\n because everytime you run the function it creates a new temp file\n but Update-FormatData tries to reload all the format files it \n knows about in the current session, which includes previous versions\n of this file which have already been deleted.\n #>
\n Write-Verbose \"Updating format data\"
\n Update-FormatData -AppendPath $tmpfile -ErrorAction SilentlyContinue<\/p>\n

} #Begin<\/p>\n

Process {
\n Foreach ($folder in $path) {
\n Write-Verbose \"Getting ACL for $folder\"
\n #get the folder ACL
\n $acl=Get-ACL -Path $path<\/p>\n

#a regex to get a file path
\n [regex]$regex=\"\\w:\\\\\\S+\"<\/p>\n

#get full path from ACL object
\n $folderpath=$regex.match($acl.path).Value<\/p>\n

#get Access rules
\n $access=$acl.Access<\/p>\n

#get builtin and system ACLS
\n $sysACL=$access | where {$_.identityreference -match \"BUILTIN|NT AUTHORITY|EVERYONE|CREATOR OWNER\"}<\/p>\n

#get non builtin and system ACLS
\n $nonSysACL=$access | where {$_.identityreference -notmatch \"BUILTIN|NT AUTHORITY|EVERYONE|CREATOR OWNER\"}<\/p>\n

#grab some properties and add them to a hash table.
\n $hash=@{
\n Path=$folderpath
\n Owner=$acl.Owner
\n TotalACL=$access.count
\n SystemACL=($sysACL | measure-object).Count
\n UserACL=($nonSysACL | measure-object).Count
\n AccessRules=$access
\n }<\/p>\n

#write a new object to the pipeline
\n $obj=New-object -TypeName PSObject -Property $hash
\n #add a type name for the format file
\n $obj.PSObject.TypeNames.Insert(0,'JDH.ACLInfo')
\n $obj<\/p>\n

} #foreach<\/p>\n

} #Process<\/p>\n

End {
\n #delete the temp file if it still exists
\n if (Test-Path $tmpfile) {
\n Write-Verbose \"Deleting $tmpfile\"
\n Remove-Item -Path $tmpFile
\n }
\n Write-Verbose \"Ending $($myinvocation.mycommand)\"
\n} #end<\/p>\n

} #end function
\n<\/code><\/p>\n

When I run the function here's what the result looks like:<\/p>\n


\nPS S:\\> get-aclinfo | select *<\/p>\n

SystemACL : 7
\nOwner : SERENITY\\Jeff
\nUserACL : 0
\nAccessRules : {System.Security.AccessControl.FileSystemAccessRule, System.Security.AccessControl.Fi
\n leSystemAccessRule, System.Security.AccessControl.FileSystemAccessRule, System.Securi
\n ty.AccessControl.FileSystemAccessRule...}
\nPath : C:\\scripts\\
\nTotalACL : 7
\n<\/code><\/p>\n

The function takes a path parameter and passes that to Get-ACL.<\/p>\n


\n$acl=Get-ACL -Path $path
\n<\/code><\/p>\n

I will be using some of the properties of this object in the custom object I'll eventually write to the pipeline. One thing I want is the full path. Unfortunately, I need to parse that out of the path property. I decided to use a regular expression.<\/p>\n


\n#a regex to get a file path
\n[regex]$regex=\"\\w:\\\\\\S+\"<\/p>\n

#get full path from ACL object
\n$folderpath=$regex.match($acl.path).Value
\n<\/code><\/p>\n

Next, I need to count the access rule entries and determine which are system and which are user.<\/p>\n


\n#get Access rules
\n$access=$acl.Access<\/p>\n

#get builtin and system ACLS
\n$sysACL=$access | where {$_.identityreference -match \"BUILTIN|NT AUTHORITY|EVERYONE|CREATOR OWNER\"}<\/p>\n

#get non builtin and system ACLS
\n$nonSysACL=$access | where {$_.identityreference -notmatch \"BUILTIN|NT AUTHORITY|EVERYONE|CREATOR OWNER\"}
\n<\/code><\/p>\n

I like creating new objects with hash tables, which will get even easier in PowerShell 3.0.<\/p>\n


\n#grab some properties and add them to a hash table.
\n$hash=@{
\n Path=$folderpath
\n Owner=$acl.Owner
\n TotalACL=$access.count
\n SystemACL=($sysACL | measure-object).Count
\n UserACL=($nonSysACL | measure-object).Count
\n AccessRules=$access
\n}<\/p>\n

#write a new object to the pipeline
\n$obj=New-object -TypeName PSObject -Property $hash
\n<\/code><\/p>\n

The object shows counts of the different ACL \"types\" and also includes a property with the full access rules should you want to look at them in more detail. But now for the \"scoop of ice cream on the side\" part of this function.<\/p>\n

In PowerShell 2.0, hash tables are unordered meaning there's no guarantee what order your properties will be display. Plus, you may want to have more control over how PowerShell formats the resulting objects. The way we handle this is by creating a format file and loading it into the shell with Update-FormatData. I'm not going to go into the mechanics of custom format files here. I know the topic is covered in the Windows PowerShell 2.0: TFM book, and the Month of Lunches books among others.<\/p>\n

Now, if I had created a module out of this function I could have packaged it with a separate format ps1xml file. But I had a thought of trying to use a format file \"on the fly\". In the Begin script block, I have the XML that would normally go into the format.ps1xml file. I create a temp file and add the xml to it.<\/p>\n


\n#create a temp file
\n$tmpfile=[system.io.path]::GetTempFileName()
\n#add the necessary file extension
\n$tmpfile+=\".ps1xml\"<\/p>\n

#pipe the xml text to the temp file
\nWrite-Verbose \"Creating $tmpfile\"
\n$xml | Out-File -FilePath $tmpfile
\n<\/code><\/p>\n

The format file apparently needs to have .ps1xml file extension so I have to update the file name. Once I have this file, I call Update-FormatData to load it.<\/p>\n


\nUpdate-FormatData -AppendPath $tmpfile -ErrorAction SilentlyContinue
\n<\/code><\/p>\n

Normally, I'm not a big fan of turning off errors, but in this case I need to. When you run Update-FormatData, PowerShell reloads all the format files that it knows in this session. The first time I run the function, the temp file is created and loaded. But in the End script block, I delete it.<\/p>\n


\nif (Test-Path $tmpfile) {
\n Write-Verbose \"Deleting $tmpfile\"
\n Remove-Item -Path $tmpFile
\n }
\n<\/code><\/p>\n

The next time I run the function, I recreate the format file. But Update-FormatData also looks for the previous temp files which have since been deleted, which normally raises an exception. I'm not saying this approach of \"on the fly formatting\" is perfect but so far it works for me in these situations. The formatting file takes my custom object and creates a table with all properties except the access rules.<\/p>\n

\"\"<\/a><\/p>\n

My format file allows for plenty of space for the file path. But you can always tighten things up.<\/p>\n

\"\"<\/a><\/p>\n

If I want to work with the underlying access rules, I still can.<\/p>\n

\"\"<\/a><\/p>\n

Download Get-ACLInfo<\/a> and let me know what you think.<\/p>\n","protected":false},"excerpt":{"rendered":"

I got a question in the “Ask Don and Jeff” forum on PowerShell.com that intrigued me. The issue was working with the results of the Get-ACL cmdlet. The resulting object includes a property called Access which is a collection of access rule objects. Assuming you are using this with the file system, these are System.Security.AccessControl.FileSystemAccessRule…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[4,8],"tags":[293,534,540,391],"class_list":["post-2390","post","type-post","status-publish","format-standard","hentry","category-powershell","category-scripting","tag-get-acl","tag-powershell","tag-scripting","tag-update-formatdata"],"yoast_head":"\nGet ACL Information with PowerShell • The Lonely Administrator<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Get ACL Information with PowerShell • The Lonely Administrator\" \/>\n<meta property=\"og:description\" content=\"I got a question in the "Ask Don and Jeff" forum on PowerShell.com that intrigued me. The issue was working with the results of the Get-ACL cmdlet. The resulting object includes a property called Access which is a collection of access rule objects. Assuming you are using this with the file system, these are System.Security.AccessControl.FileSystemAccessRule...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/\" \/>\n<meta property=\"og:site_name\" content=\"The Lonely Administrator\" \/>\n<meta property=\"article:published_time\" content=\"2012-06-21T15:09:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2012-06-21T15:17:05+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1-300x77.png\" \/>\n<meta name=\"author\" content=\"Jeffery Hicks\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@JeffHicks\" \/>\n<meta name=\"twitter:site\" content=\"@JeffHicks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeffery Hicks\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/\"},\"author\":{\"name\":\"Jeffery Hicks\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#\\\/schema\\\/person\\\/d0258030b41f07fd745f4078bdf5b6c9\"},\"headline\":\"Get ACL Information with PowerShell\",\"datePublished\":\"2012-06-21T15:09:55+00:00\",\"dateModified\":\"2012-06-21T15:17:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/\"},\"wordCount\":749,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#\\\/schema\\\/person\\\/d0258030b41f07fd745f4078bdf5b6c9\"},\"image\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/jdhitsolutions.com\\\/blog\\\/wp-content\\\/uploads\\\/2012\\\/06\\\/get-aclinfo-1-300x77.png\",\"keywords\":[\"Get-ACL\",\"PowerShell\",\"Scripting\",\"Update-FormatData\"],\"articleSection\":[\"PowerShell\",\"Scripting\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/\",\"url\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/\",\"name\":\"Get ACL Information with PowerShell • The Lonely Administrator\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/jdhitsolutions.com\\\/blog\\\/wp-content\\\/uploads\\\/2012\\\/06\\\/get-aclinfo-1-300x77.png\",\"datePublished\":\"2012-06-21T15:09:55+00:00\",\"dateModified\":\"2012-06-21T15:17:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#primaryimage\",\"url\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/wp-content\\\/uploads\\\/2012\\\/06\\\/get-aclinfo-1.png\",\"contentUrl\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/wp-content\\\/uploads\\\/2012\\\/06\\\/get-aclinfo-1.png\",\"width\":\"1137\",\"height\":\"294\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/powershell\\\/2390\\\/get-acl-information-with-powershell\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"PowerShell\",\"item\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/category\\\/powershell\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Get ACL Information with PowerShell\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/\",\"name\":\"The Lonely Administrator\",\"description\":\"Practical Advice for the Automating IT Pro\",\"publisher\":{\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#\\\/schema\\\/person\\\/d0258030b41f07fd745f4078bdf5b6c9\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/jdhitsolutions.com\\\/blog\\\/#\\\/schema\\\/person\\\/d0258030b41f07fd745f4078bdf5b6c9\",\"name\":\"Jeffery Hicks\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg\",\"caption\":\"Jeffery Hicks\"},\"logo\":{\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Get ACL Information with PowerShell • The Lonely Administrator","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/","og_locale":"en_US","og_type":"article","og_title":"Get ACL Information with PowerShell • The Lonely Administrator","og_description":"I got a question in the \"Ask Don and Jeff\" forum on PowerShell.com that intrigued me. The issue was working with the results of the Get-ACL cmdlet. The resulting object includes a property called Access which is a collection of access rule objects. Assuming you are using this with the file system, these are System.Security.AccessControl.FileSystemAccessRule...","og_url":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/","og_site_name":"The Lonely Administrator","article_published_time":"2012-06-21T15:09:55+00:00","article_modified_time":"2012-06-21T15:17:05+00:00","og_image":[{"url":"http:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1-300x77.png","type":"","width":"","height":""}],"author":"Jeffery Hicks","twitter_card":"summary_large_image","twitter_creator":"@JeffHicks","twitter_site":"@JeffHicks","twitter_misc":{"Written by":"Jeffery Hicks","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#article","isPartOf":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/"},"author":{"name":"Jeffery Hicks","@id":"https:\/\/jdhitsolutions.com\/blog\/#\/schema\/person\/d0258030b41f07fd745f4078bdf5b6c9"},"headline":"Get ACL Information with PowerShell","datePublished":"2012-06-21T15:09:55+00:00","dateModified":"2012-06-21T15:17:05+00:00","mainEntityOfPage":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/"},"wordCount":749,"commentCount":1,"publisher":{"@id":"https:\/\/jdhitsolutions.com\/blog\/#\/schema\/person\/d0258030b41f07fd745f4078bdf5b6c9"},"image":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#primaryimage"},"thumbnailUrl":"http:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1-300x77.png","keywords":["Get-ACL","PowerShell","Scripting","Update-FormatData"],"articleSection":["PowerShell","Scripting"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/","url":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/","name":"Get ACL Information with PowerShell • The Lonely Administrator","isPartOf":{"@id":"https:\/\/jdhitsolutions.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#primaryimage"},"image":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#primaryimage"},"thumbnailUrl":"http:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1-300x77.png","datePublished":"2012-06-21T15:09:55+00:00","dateModified":"2012-06-21T15:17:05+00:00","breadcrumb":{"@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#primaryimage","url":"https:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1.png","contentUrl":"https:\/\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/06\/get-aclinfo-1.png","width":"1137","height":"294"},{"@type":"BreadcrumbList","@id":"https:\/\/jdhitsolutions.com\/blog\/powershell\/2390\/get-acl-information-with-powershell\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"PowerShell","item":"https:\/\/jdhitsolutions.com\/blog\/category\/powershell\/"},{"@type":"ListItem","position":2,"name":"Get ACL Information with PowerShell"}]},{"@type":"WebSite","@id":"https:\/\/jdhitsolutions.com\/blog\/#website","url":"https:\/\/jdhitsolutions.com\/blog\/","name":"The Lonely Administrator","description":"Practical Advice for the Automating IT Pro","publisher":{"@id":"https:\/\/jdhitsolutions.com\/blog\/#\/schema\/person\/d0258030b41f07fd745f4078bdf5b6c9"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jdhitsolutions.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/jdhitsolutions.com\/blog\/#\/schema\/person\/d0258030b41f07fd745f4078bdf5b6c9","name":"Jeffery Hicks","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg","url":"https:\/\/secure.gravatar.com\/avatar\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg","caption":"Jeffery Hicks"},"logo":{"@id":"https:\/\/secure.gravatar.com\/avatar\/832ae5d438fdcfc1420d720cd1991307927de8a0b12f2342e81c30f773e21098?s=96&d=wavatar&r=pg"}}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":2403,"url":"https:\/\/jdhitsolutions.com\/blog\/scripting\/2403\/working-with-access-rules-in-powershell\/","url_meta":{"origin":2390,"position":0},"title":"Working with Access Rules in PowerShell","author":"Jeffery Hicks","date":"June 22, 2012","format":false,"excerpt":"Yesterday I posted a function to create a summary report of ACL information using Windows PowerShell. I posted this in response to a question in the Ask Don and Jeff forum at PowerShell.com. I received an appreciative followup. The next step for this IT Pro it seems is to get\u2026","rel":"","context":"In "Scripting"","block_context":{"text":"Scripting","link":"https:\/\/jdhitsolutions.com\/blog\/category\/scripting\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1492,"url":"https:\/\/jdhitsolutions.com\/blog\/scripting\/1492\/creating-acl-reports\/","url_meta":{"origin":2390,"position":1},"title":"Creating ACL Reports","author":"Jeffery Hicks","date":"June 2, 2011","format":false,"excerpt":"I saw a tweet this morning that was a PowerShell one-liner for capturing folder permissions to a text file. There's nothing wrong with it but it's hard to be truly productive in 140 characters so I thought I would take the idea and run with it a little bit. Here\u2026","rel":"","context":"In "Best Practices"","block_context":{"text":"Best Practices","link":"https:\/\/jdhitsolutions.com\/blog\/category\/best-practices\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3546,"url":"https:\/\/jdhitsolutions.com\/blog\/powershell-3-0\/3546\/turn-on-powershell-help-window\/","url_meta":{"origin":2390,"position":2},"title":"Turn On PowerShell Help Window","author":"Jeffery Hicks","date":"November 7, 2013","format":false,"excerpt":"Here's a little suggestion for today that might make it easier for you to use PowerShell. In PowerShell 3.0, the Get-Help cmdlet includes a terrific new parameter called -ShowWindow. When you ask for help with this parameter, you get complete help in a new window. The window is re-sizable, searchable\u2026","rel":"","context":"In "Powershell 3.0"","block_context":{"text":"Powershell 3.0","link":"https:\/\/jdhitsolutions.com\/blog\/category\/powershell-3-0\/"},"img":{"alt_text":"talkbubble-v3","src":"https:\/\/i0.wp.com\/jdhitsolutions.com\/blog\/wp-content\/uploads\/2012\/05\/talkbubble-v3-150x150.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1625,"url":"https:\/\/jdhitsolutions.com\/blog\/powershell\/1625\/get-process-owner\/","url_meta":{"origin":2390,"position":3},"title":"Get Process Owner","author":"Jeffery Hicks","date":"August 25, 2011","format":false,"excerpt":"I've been working on my second training course for Train Signal on managing Windows Server 2008 with Windows PowerShell, specifically the lesson on managing processes. I thought I'd share a little tidbit I worked out. In fact, I hope you'll stay tuned for other little goodies over the next several\u2026","rel":"","context":"In "PowerShell"","block_context":{"text":"PowerShell","link":"https:\/\/jdhitsolutions.com\/blog\/category\/powershell\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6855,"url":"https:\/\/jdhitsolutions.com\/blog\/powershell-7\/6855\/powershell-scripting-for-linux-is-still-about-the-objects\/","url_meta":{"origin":2390,"position":4},"title":"PowerShell Scripting for Linux is Still About the Objects","author":"Jeffery Hicks","date":"October 8, 2019","format":false,"excerpt":"I've been trying to increase my Linux skills, especially as I begin to write PowerShell scripts and tools that can work cross-platform. One very important concept I want to make sure you don't overlook is that even when scripting for non-Windows platforms, you must still be thinking about objects. The\u2026","rel":"","context":"In "PowerShell 7"","block_context":{"text":"PowerShell 7","link":"https:\/\/jdhitsolutions.com\/blog\/category\/powershell-7\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1171,"url":"https:\/\/jdhitsolutions.com\/blog\/scripting\/1171\/powershell-deep-dive-formatting-and-extensions\/","url_meta":{"origin":2390,"position":5},"title":"PowerShell Deep Dive Formatting and Extensions","author":"Jeffery Hicks","date":"February 25, 2011","format":false,"excerpt":"I just found out I will be presenting at the PowerShell Deep Dive April 18-19 that is part of TEC 2011. This promises to be THE PowerShell event everyone has been waiting for. I'll be presenting on format and type extensions. Mastering Format and Type Extensions Windows PowerShell is designed\u2026","rel":"","context":"In "Conferences"","block_context":{"text":"Conferences","link":"https:\/\/jdhitsolutions.com\/blog\/category\/conferences\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/posts\/2390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/comments?post=2390"}],"version-history":[{"count":0,"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/posts\/2390\/revisions"}],"wp:attachment":[{"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/media?parent=2390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/categories?post=2390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jdhitsolutions.com\/blog\/wp-json\/wp\/v2\/tags?post=2390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}