Sometimes you need to re-create a nested folder structure, and may also want to clone the NTFS permissions. Today we are tackling the first step: recording an existing folder structure along with NTFS permissions in SDDL form.
This task is accomplished by Get-FolderStructureWithPermission. It accepts a path to an existing folder, then returns all of its child folders along with their NTFS permissions in SDDL form:
function Get-FolderStructureWithPermission { param ( [String] [Parameter(Mandatory)] $Path ) if ((Test-Path -Path $Path -PathType Container) -eq $false) { throw "$Path does not exist or is no directory!" } Get-ChildItem -Path $Path -Recurse -Directory | ForEach-Object { $sd = Get-Acl -Path $_.FullName $sddl = $sd.GetSecurityDescriptorSddlForm('all') [PSCustomObject]@{ Path = $_.FullName.Substring($Path.Length) SDDL = $sddl } } }
You can pipe the output to Out-GridView, save it into a variable, or write it to disk using Export-Csv.
PS C:> Get-FolderStructureWithPermission -Path $home | Format-List Path : .dnx SDDL : O:S-1-5-21-2012478179-265285931-690539891-1001G:S-1-5-21-2012478179-265285931-690539891-1001D:(A;OICIID;FA;;;SY)(A;OI CIID;FA;;;BA)(A;OICIID;FA;;;S-1-5-21-2012478179-265285931-690539891-1001) Path : .plaster SDDL : O:S-1-5-21-2012478179-265285931-690539891-1001G:S-1-5-21-2012478179-265285931-690539891-1001D:(A;OICIID;FA;;;SY)(A;OI CIID;FA;;;BA)(A;OICIID;FA;;;S-1-5-21-2012478179-265285931-690539891-1001) Path : .vscode SDDL : O:S-1-5-21-2012478179-265285931-690539891-1001G:S-1-5-21-2012478179-265285931-690539891-1001D:(A;OICIID;FA;;;SY)(A;OI CIID;FA;;;BA)(A;OICIID;FA;;;S-1-5-21-2012478179-265285931-690539891-1001) Path : .vscode-insiders SDDL : O:S-1-5-21-2012478179-265285931-690539891-1001G:S-1-5-21-2012478179-265285931-690539891-1001D:(A;OICIID;FA;;;SY)(A;OI CIID;FA;;;BA)(A;OICIID;FA;;;S-1-5-21-2012478179-265285931-690539891-1001) Path : 3D Objects SDDL : O:S-1-5-21-2012478179-265285931-690539891-1001G:S-1-5-21-2012478179-265285931-690539891-1001D:(A;OICIID;FA;;;SY)(A;OI CIID;FA;;;BA)(A;OICIID;FA;;;S-1-5-21-2012478179-265285931-690539891-1001) ...
Disclaimer: all code presented here is just for information purpose. While we do take great care to test it, there is no warranty whatsoever, and it is no production-ready code. It is your responsibility to test and determine whether this code runs flawlessly and fits your need.