Finding files owned by a user, or they are on the ACL

September 29, 2010 at 1:56 pm Leave a comment

The attached code is for a PowerShell filter that takes a collection of items (mainly aimed at files from a dir/Get-ChildItem query, although it also works on Registry Keys) and only allows those files that have the user name either as the owner or in an ACL entry through the pipeline for further processing

 

 

Set-StrictMode -Version "2.0"
<#
.SYNOPSIS
    This filter reads objects from the pipeline and only passes those obects which include the aclName
    on the ACL.
.DESCRIPTION
    The filter processes the objects passed through the pipeline and examines the ACL to see if the
    name passed in as the aclName is either the owner of the object, or is listed as one of the
    IdentityReferences in the ACL Entries.  The comparison for the name is performed using the
    -like operator which allows for widcard inclusion. 
.PARAMETER aclName
    The value passed in this parameter is compared to the name of the owner in the ACL and the
    IdentityReference values of the ACL entries
.EXAMPLE
    dir c:\webdem | Select-ItemsByAclEntry -aclName "*guest*"
.EXAMPLE
    dir HKCU:\Software\Microsoft\VisualStudio -recurse | Select-ItemsByAclEntry -aclName *guest
    The dir part of this statement, in particular, needs to be executed with credentials that
    have sufficent access to the Registry Keys.
#>
filter Select-ItemByAclEntry ([string]$aclName)
{
    try
    {
        $acl = $_.GetAccessControl()
        $foundUser = ($acl.Owner -like $aclName)
        if (-not $foundUser)
        {
            if ( $acl.Access.Count -gt 0)
            {
                foreach ($a in $acl.Access)
                {
                    if ($a.IdentityReference -like $aclName)
                    {
                        $foundUser = $true
                    }
                }
            }
        }
    }catch
    {
        Write-Host "There was an exception: $_"
    }
    if ($foundUser)
    {
        Write-Output($_)
    }
}

Advertisements

Entry filed under: PowerShell. Tags: , , , .

Medion Design USB Graphics Pad P46000 PowerShell_ISE utility function to add help tags

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


Calendar

September 2010
M T W T F S S
« Jul   Dec »
 12345
6789101112
13141516171819
20212223242526
27282930  

Most Recent Posts


%d bloggers like this: