Scripting Help
Posted: Wed Aug 18, 2021 2:10 pm
So I found a script that searches a file share and out puts, the file name, user\group, permissions. I need to add to it so it can give me the SID for each user or group.
I was able to get the column to show up but when I run it, the script fails when it tries to look up the SID? I'm not very good with scripting and I'm a bit surprised I made it this far
Any ideas on what I'm doing wrong?
Code: Select all
import-module ActiveDirectory
$FolderPath = Get-ChildItem -Directory -Path "\\FileShare\Path" -Recurse -Force
$Output = @()
ForEach ($Folder in $FolderPath) {
$Acl = Get-Acl -Path $Folder.FullName
ForEach ($Access in $Acl.Access) {
#$SID=Get-ADGroup -Identity $Access.IdentityReference|Select-Object SID
$Properties = [ordered]@{'Folder Name'=$Folder.FullName;'Group/User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited; 'SID'=$SID}
$Output += New-Object -TypeName PSObject -Property $Properties
}
}
$Output | Out-GridView
Code: Select all
Get-ADGroup : Cannot bind parameter 'Identity'. Cannot convert the "Security Group name" value of
type "System.Security.Principal.NTAccount" to type "Microsoft.ActiveDirectory.Management.ADGroup".
At line:7 char:28
+ $SID=Get-ADGroup -Identity $Access.IdentityReference|Select-Object SID
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-ADGroup], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.Ge
tADGroup