Lets talk administrating NTFS Security on Files shares specifically with PowerShell.
So in one of my previous post we went through the difference between Shared Permission vs NTFS Permission. I am sure if you went through it you found that NTFS Permission can get very complex very fast.
In this post we are going get all the NTFS Permission Recursively for all Files and Folders and what permissions is assigned to each.
Execution Policy
First things First we need to set the Execution Policy to allow scripts on the machine we will be running this on. So I am not going to give you a full explanation on what an execution policy is you can read on Microsoft Site. Just click HERE.
I used the Set-ExecutionPolicy RemoteSigned on the prompt for Change Execution Policy type “A” and press Enter, You should see something similar to the below:
Install NTFS Security
Up next download the newest version of NTFSSecurity from GitHub awesomely supplied by RaAndree. Once downloaded you can drop the files C:\Program Files\WindowsPowerShell\Modules, you create a Folder NTFSSecurity and then drop the Version file in there. At the time of writing this my directory looked as follows:
In PowerShell (Run as Administrator) you then check that PowerShell picks up the Module by Typing Find-Module -Name NTFSSecurity if it finds it without any issues it will show you the version which it found. Then you can use the Install-Module -Name NTFSSecurity on the confirmation again type “A” and enter.
See below Screen Capture of both Commands.
The Code
At last we get to the code, this code will be set to read through each file and then write it to a CSV file. Take note that due to some of the outputs having Commas in them we can not use commas to separate the values instead I opted for the “|” (Vertical Bar).
#Create a Location to dump the Info
$OutFile = “C:\temp\FlukenSecurity.csv”
#This is the Header which needs to be extracted
$Header = “Folder Path| Account Type| Account| Access Right| Inheritance Flag Value “
#Add the Header to the file
#This makes it easier to import into Excel
Add-Content -Value $Header -Path $OutFile
#This is the Folder you want to read the Security on
#It is recursive and will go through all files and folders
#Note this is very Resource intensive if you are Searching alot of Folders and files
$RootPath = “E:\FlukenSecurity”
$Folders = dir $RootPath -recurse | where {$_.psiscontainer -eq $true}
#Where this Permission is currently Applicable
$inheritance = @{
0 = ‘Files Only’
1 = ‘This Folder and Subfolders’
2 = ‘This Folder and Files’
3 = ‘Subfolders and Files’
}
#This Writes each File and Folder into the $Outfile
foreach ($Folder in $Folders){
$NTFSSec = get-ntfsaccess -Path $Folder.fullname
Foreach ($NTFSPer in $NTFSSec){
$OutInfo = $NTFSPer.FullName + “|” + $NTFSPer.AccountType + “|” + $NTFSPer.Account +”|” + $NTFSPer.AccessRights + “|” + $inheritance[$NTFSPer.InheritanceFlags.value__]
Add-Content -Value $OutInfo -Path $OutFile
}}
Import to Excel
Lastly lets Import the CSV into Excel. I found the best way is to open a blank Excel Document. Browse to the Data Tab and choose the option to Import from Text file. Browse to the file location and choose the file you created.
At the first Wizard Screen choose Delimited and click next and on the second screen tick Other and in the text field enter the Vertical Bar. From here you can click Finish.
Output
This will give you and output file that looks similar to the below. I created a Structure that gives you an idea of how the different folders can display the different permissions.
So if is too technical for you, there is software that can export the same info for you too HTML for free unless you buy it.
You can view NTFS Permission Reporter or wait for my next post as this is an awesome tool.