Saad A
Reputation: 1147
Filter Permission by IdentityReference
I am fetching some folder permissions, however, I only want permissiosn that are not "NT AUTHORITY\SYSTEM" or "BUILTIN\Administrators"
My code is:
$acl = Get-Acl $path
$perm = $acl.Access | where{$_.IdentityReference -notmatch "NT AUTHORITY\SYSTEM"}
Write-Output $perm
But its still showing "NT AUTHORITY\SYSTEM" permission, how do I filter out that records I don't want?
Upvotes: 0
Views: 3154
Answers (1)
Martin Brandl
Reputation: 58991
TL;DR:
-notmatch is using regular expressions and your string contains \S which will match any non-whitespace character (which is not what you want).
use -notlike instead of -notmatch:
$acl = Get-Acl $path
$perm = $acl.Access | where{$_.IdentityReference -notlike "NT AUTHORITY\SYSTEM"}
Write-Output $perm
To filter for multiple entries, I would use -notin:
$acl = Get-Acl $path
$perm = $acl.Access | where{$_.IdentityReference -notin @("BUILTIN\Administrators", "NT AUTHORITY\SYSTEM")}
Write-Output $perm
Upvotes: 3
Related Questions
- Powershell: How do I convert ADUser to IdentityReference?
- PowerShell - No mapping between account names and security IDs was done error
- List out enabled users who are members of certain security groups
- Powershell Get-Acl Owner Reference
- Unable to filter ACL.IdentityReference to exclude certain pattern?
- How to identify if the IdentityReference is a Group or a simpy a user
- Check in powershell permission string is valid
- Filter Powershell Script for Enabled Computer Accounts Odd Results
- How to get effective permissions with PowerShell for an attribute on the AD user object
- Powershell Security Identity Mapping/Name mapping in Active Directory