A PowerShell function that allows directory recursion to a specified depth.

1 Comment

  1. Really helpful – thanks for this.

    Fyi I’ve used it in a script which scans a folder structure for a specified AD group on the ACLs of folders. Not quite finished, but the basic premise is:
    # SCRIPT PURPOSE:
    # Lookup a specified group name and scan a older tree to see if it appears in the acls of any of the folders
    # AUTHOR: Ian Manning
    # DATE: 2012-09-27
    # Note uses a function taken from : http://www.indented.co.uk/index.php/2010/01/22/limit-recursion-depth-with-get-childitem/
    # Also uses the Quest AD cmdlets

    Add-PSSnapin Quest.ActiveRoles.ADManagement

    # Read in the path to scan and check it is valid

    $folder = Read-Host “Enter a folder path to search”
    If (!(Test-Path $folder) -eq $true ) {
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host “Folder path not found (or you don’t have permissions to view it)” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host “The Path you entered was: ” + $folder -ForegroundColor Yellow -BackgroundColor Black
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Sleep 2
    Exit
    }
    Else {}

    # Read in the number of levels to scan to – and check we’ve got a number as input
    $ErrorActionPreference = “SilentlyContinue”
    [int]$levels = Read-Host “Enter how many levels you want to drill down”
    If (!$levels -eq $true) {
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host “You must enter a number” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Sleep 2
    Exit
    }
    Else {}

    # Get the group to search for and check it exists
    $group = Read-Host “Enter an AD group to search for”
    If (!(Get-QADGroup $group) -eq $true) {
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host “Couldn’t find the group you entered in active directory” -ForegroundColor Yellow -BackgroundColor Black
    Write-Host ” ” -ForegroundColor Yellow -BackgroundColor Black
    Sleep 2
    Exit
    }
    Else {}

    Function Get-ChildItemToDepth {
    Param(
    [String]$Path = $PWD,
    [String]$Filter = “*”,
    [Byte]$ToDepth = 255,
    [Byte]$CurrentDepth = 0,
    [Switch]$DebugMode
    )

    $CurrentDepth++
    If ($DebugMode) { $DebugPreference = “Continue” }

    Get-ChildItem $Path | %{
    $_ | ?{ $_.Name -Like $Filter }

    If ($_.PsIsContainer) {
    If ($CurrentDepth -le $ToDepth) {

    # Callback to this function
    Get-ChildItemToDepth -Path $_.FullName -Filter $Filter
    -ToDepth $ToDepth -CurrentDepth $CurrentDepth

    } Else {

    Write-Debug $("Skipping GCI for Folder: $($_.FullName) " +
    “(Why: Current depth $CurrentDepth vs limit depth $ToDepth)”)

    }
    }
    }
    }

    $paths = Get-ChildItemToDepth -Path $folder -ToDepth $levels
    Foreach ($path in $paths) {
    $nullcheck = 0
    $acl = Get-Acl $path.FullName | Select-Object Access
    $acl.Access | % { If ( $group -eq $_.IdentityReference ) { Write-Host -ForegroundColor Red -BackgroundColor White ($group + ” Matched on ” + $path.FullName); $nullcheck++ }}

    }
    If (!$nullcheck -ne 0 ) {
    Write-Host “****No Matches found****” -ForegroundColor Red -BackgroundColor White
    }
    Else {}

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *