How to Get ACL for a Folder


We never share your data. Privacy Policy
Native Auditing Netwrix Auditor for Windows File Servers
Steps
  1. Open the Powershell ISE → Create a new script using the following code:

$path = "\\pdc\Shared\Accounting" #define path to the shared folder
$reportpath ="C:\data\ACL.csv" #define path to export permissions report
#script scans for directories under shared folder and gets acl(permissions) for all of them
dir -Recurse $path | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | Add-Member -MemberType NoteProperty '.\Application Data' -Value $path1 -passthru }} | Export-Csv $reportpath

  1. Specify the path to the folder of interest and where the results should be saved.
  2. Run the script.
  3. Open the file produced by the script in Microsoft Excel.
Microsoft Excel file produced by the PowerShell script
  1. Run Netwrix Auditor → Navigate to "Reports" → "File Servers" → "File Servers - State-in-Time" → Choose the "Folder and File Permission Details" report.
  2. Specify the following filters:
    • Object UNC Path — Specify the appropriate path.
    • Including subfolders — Set to "Yes".
    • Object with inherited permissions — Set to "Show".
  3. Click "View Report".


To save the report, click the "Export" button → Select a format, such as PDF → Click "Save as" → Choose a location to save it.

Netwrix Auditor Folder and File Permission Details report: shows permissions granted on a shared folders, its subfolders and files

 

An Easy Way to Get ACL Share Permissions with PowerShell or Netwrix Auditor

An Access Control List (ACL) is a list of permissions assigned to objects in a Microsoft environment. It defines which users have access to folders and files located on file servers and which actions they can perform on those objects: read, write, execute, modify or even full access. Setting permissions using the least -privilege model and monitoring them regularly is critical to data security in your Windows file system.

You can get ACL share permissions using the PowerShell Get-ACL cmdlet. But there’s an easier way to stay in control of your access control list configuration, with no PowerShell scripting or thinking about security descriptors.

Netwrix Auditor for Windows File Servers simplifies user entitlement and file analysis reporting for better data security and information management. It gets the ACL for any folder on your servers. Moreover, in just a few clicks, you can also discover overexposed data, identify data owners, check data usage and data volumes, and spot stale and duplicate files ripe for cleanup.