How to list folder where certain security groups do have access ( Powershell ) Active Directory


This is a nice script that will tell you what folders have permission certain security group;
Very handy in cases of taking over of a new Active directory or after a migration

Here is the code and note the following:

You need to replace YoUrdomain for your actually domain ; do not use .com or .org it is not needed;
If it was contoso would be



$Sec_group = Read-Host -Prompt 'INSERT SEC GROUP PLEASE'
Get-ChildItem D:\Data -Recurse | Where-Object { $_.PSIsContainer -and (Get-Acl $_.FullName | Select-Object -ExpandProperty Access | ForEach-Object {$_.IdentityReference.Value }) -eq "YOURDOMAIN\$Sec_group"}
Get-ChildItem D:\Starbucks -Recurse | Where-Object { $_.PSIsContainer -and (Get-Acl $_.FullName | Select-Object -ExpandProperty Access | ForEach-Object {$_.IdentityReference.Value }) -eq "YOURDOMAIN\$Sec_group"}



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s