PowerShell function to get NTFS permissions on a folder for groups and users recursive

This script is something I’ve been playing with in my head for quite some time now.
Today I found some time to do script this 🙂

So, what are some of the use-cases?

  1. Documentation (project, operational).
  2. Reporting.
  3. Auditing (compare files from today and yesterday and there’s your auditing).

The script requires the Active Directory module to be installed as defined by the line ‘#Requires –Modules ActiveDirectory’.
The output looks something like:


… and when you convert it to an Excel file, where a manager can do some auto-filtering:


Useful, right? 🙂

Here’s the script:


  1. Noob says:

    It seems like it is only listing users that are given permissions via a group. Any user assigned permission directly to the share will not be correctly listed.
    The script does not check for users, only groups – that are then resolved into individual users.

  2. User says:

    ‘DirectoryPath’ –Value $Share should better be ‘DirectoryPath’ –Value $ACL.Path to deal with wildcards in $path

  3. Dusan says:

    Not working on recruse folders and files 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *