PowerShell - Get-Acl Permissions by UNC

Save this as a named.ps1, in the permission walk realm, this updating the UNC share outputs all recursive down the tree and outputs to C:\temp\SharedPermissions

$AllFolders = Get-ChildItem -Directory -Path "\\SERVER\SHARE" -Force -Recurse

$Results = @()

Foreach ($Folder in $AllFolders) {

$Acl = Get-Acl -Path $Folder.FullName

foreach ($Access in $acl.Access) {

if ($Access.IdentityReference -notlike "BUILTIN\Administrators" -and $Access.IdentityReference -notlike "domain\Domain Admins" -and $Access.IdentityReference -notlike "CREATOR OWNER" -and $access.IdentityReference -notlike "NT AUTHORITY\SYSTEM") {

$Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD Group'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}

$Results += New-Object -TypeName PSObject -Property $Properties

}

}

}

$Results | Export-Csv -path "C:\temp\SharedPermissions - $(Get-Date -format MMyy).csv"