NTFS Security with PowerShell

(Last Updated On: 2019-01-23)

Lets talk administrating NTFS Security on Files shares specifically with PowerShell.
So in one of my previous post we went through the difference between Shared Permission vs NTFS Permission. I am sure if you went through it you found that NTFS Permission can get very complex very fast.

In this post we are going get all the NTFS Permission Recursively for all Files and Folders and what permissions is assigned to each.

Execution Policy

First things First we need to set the Execution Policy to allow scripts on the machine we will be running this on. So I am not going to give you a full explanation on what an execution policy is you can read on Microsoft Site. Just click HERE.

I used the Set-ExecutionPolicy RemoteSigned on the prompt for Change Execution Policy type “A” and press Enter, You should see something similar to the below:
Set-ExecutionPolicy

Install NTFS Security

Up next download the newest version of NTFSSecurity from GitHub awesomely supplied by RaAndree. Once downloaded you can drop the files C:\Program Files\WindowsPowerShell\Modules, you create a Folder NTFSSecurity and then drop the Version file in there. At the time of writing this my directory looked as follows:
NTFSSecurityIn PowerShell (Run as Administrator) you then check that PowerShell picks up the Module by Typing Find-Module -Name NTFSSecurity if it finds it without any issues it will show you the version which it found. Then you can use the Install-Module -Name NTFSSecurity on the confirmation again type “A” and enter.

See below Screen Capture of both Commands.
Find-Module -Name NTFSSecurity

The Code

At last we get to the code, this code will be set  to read through each file and then write it to a CSV file. Take note that due to some of the outputs having Commas in them we can not use commas to separate the values instead I opted for the “|” (Vertical Bar).

#Create a Location to dump the Info
$OutFile = “C:\temp\FlukenSecurity.csv”

#This is the Header which needs to be extracted
$Header = “Folder Path| Account Type| Account| Access Right| Inheritance Flag Value “

#Add the Header to the file
#This makes it easier to import into Excel
Add-Content -Value $Header -Path $OutFile

#This is the Folder you want to read the Security on
#It is recursive and will go through all files and folders
#Note this is very Resource intensive if you are Searching alot of Folders and files
$RootPath = “E:\FlukenSecurity”
$Folders = dir $RootPath -recurse | where {$_.psiscontainer -eq $true}

#Where this Permission is currently Applicable
$inheritance = @{
0 = ‘Files Only’
    1 = ‘This Folder and Subfolders’
    2 = ‘This Folder and Files’
    3 = ‘Subfolders and Files’
}
#This Writes each File and Folder into the $Outfile
foreach ($Folder in $Folders){
$NTFSSec = get-ntfsaccess -Path $Folder.fullname
Foreach ($NTFSPer in $NTFSSec){
$OutInfo = $NTFSPer.FullName + “|” + $NTFSPer.AccountType + “|” + $NTFSPer.Account +”|” + $NTFSPer.AccessRights + “|” + $inheritance[$NTFSPer.InheritanceFlags.value__]
Add-Content -Value $OutInfo -Path $OutFile
}}

Import to Excel

Lastly lets Import the CSV into Excel. I found the best way is to open a blank Excel Document. Browse to the Data Tab and choose the option to Import from Text file. Browse to the file location and choose the file you created.

Excel Import from Text file

At the first Wizard Screen choose Delimited and click next and on the second screen tick Other and in the text field enter the Vertical Bar. From here you can click Finish.Excel Import Wizard Step 1Excel Import wizard step 2

Output

This will give you and output file that looks similar to the below. I created a Structure that gives you an idea of how the different folders can display the different permissions.

Excel Output file

So if is too technical for you, there is software that can export the same info for you too HTML for free unless you buy it.
You can view NTFS Permission Reporter  or wait for my next post as this is an awesome tool.

If you liked what you read Please Share.

I’d love it if you followed me on Twitter and Facebook.

Also, feel free to subscribe to my posts by email. Thanks for reading.

Spread the love

Leave a Reply

Your email address will not be published. Required fields are marked *