Powershell – Get-ChildItem for 2-3 levels

powershell

So, I'm trying to pull a listing of the DFS-N folder structure for a client. However, for various reasons I'm going to be limiting it to 2 levels deep from $share. Also, the 40+ file servers don't have PowerShell 5 yet, so using the -depth switch isn't an option right now.

The problem I'm having is that the method I read should limit it, isn't limiting it correctly.

Get-ChildItem -path $share,$share\*,$share\*\* | ForEach-Object {
        $Path  = "$_"

        $Acl = Get-Acl $Path
        $Acl | 
            Select-Object -ExpandProperty Access | 
            Add-Member -MemberType NoteProperty -Name Path -Value $Path -PassThru  |
            Add-Member -MemberType NoteProperty -Name Owner -Value $Acl.Owner -PassThru

However, when I look at the output, it contains what appears to be every single folder under $path, some of which are 3 levels deep, not just 2. It's not a huge issue, but I'm wondering if anyone knows what I'm doing wrong? As an example, $share is being defined as:

$share = "\\" + $server + "\" + $site + "_Data"

But I'm seeing results that are like, for example: \\namespace\site_data\SOX\Activo Fijo 2016\Septiembre

Best Answer

How about manually grabbing the first level only, then looping though the second level as a step? I made your code to print the ACLs into a function, and manually stepped through grabbing the first three levels. If the items in the first level are folders ($_.ISPSContainer), they get their child items pulled and processed, and another level of the same to get the next level. Ideally, you wouldn't re-use the code, it should be refactored into another function to do the recursion, but that would require passing a parameter that you could tell it how many more levels to pull. Then each loop could decrement that counter and call itself if the $counter -gt 0.

Function Print-Acl {
    param(  
    [Parameter(
        Position=0, 
        Mandatory=$true)
    ]
    [String[]]$Path
    ) 

    $Acl = Get-Acl $Path
    $Acl | 
        Select-Object -ExpandProperty Access | 
        Add-Member -MemberType NoteProperty -Name Path -Value $Path -PassThru  |
        Add-Member -MemberType NoteProperty -Name Owner -Value $Acl.Owner -PassThru
}

Get-ChildItem -path $share | ForEach-Object {
    # First Level
    if ($_.PSIsContainer) {
        Print-Acl -Path $_.FullName
        Get-ChildItem -Path $_.FullName | ForEach-Object {
            # Second Level
            if ($_.PSIsContainer) {
                # Third level
                Print-Acl -Path $_.FullName
                Get-ChildItem -Path $_.FullName | ForEach-Object {
                    Print-Acl -Path $_.FullName
                }
            }
            else {
                Print-Acl -Path $_.FullName
            }
        }
    }
    else {
        Print-Acl -Path $_
    }
}

Related Solutions

Powershell – Kill process, then uninstall application–Can I do this with PowerShell, over 400 computers, from a txt file

While this is technically possible, there's probably a better way to go about it.

And speaking of better ways to go about it, You could do this in a GPO with a few lines of code as a startup or shutdown script, which is how I handle this. With a few more lines of code you could log the results of checking for the presence of this thing and/or uninstalling it, which would undoubtedly be useful in your compliance efforts.

If a GPO-linked startup/shutdown script's not an option for whatever reason, I think I'd use PSExec to kill the process on a list of computers read in from file and then script the uninstall in an appropriate language. Seem to me that this is a lot easier in VB, for example.

a=WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\UninstallString")

If a<>"" Then

WshShell.Run(a&" /S"),1,True
i=i+1

end if

(Goodbye Google Toolbar, in that example which I wrote or copied a few years back. Copied, probably. I am rather lazy.)

Without debugging the PS script you copied, I'd point out that you might be running a different PS version, different PS modules installed/loaded and/or there might be some dependencies that your XP machines don't have in place that's causing problems.

Powershell – How to override the “get-childItem” command in Powershell

Yes, you can override Get-ChildItem or any other cmdlet in Powershell.

Name Your Function The Same

If you make a function with the same name in the same scope, yours will be used.

Example:

Function Get-ChildItem {
[CmdletBinding()]
param(
    # Simulate the parameters here
)
    # ... do stuff
}

Using Aliases

Create your own function, and then create an alias to that function, with the same name as the cmdlet you want to override.

Example:

Function My-GetChildItem {
[CmdletBinding()]
param(
    # Simulate the parameters here
)
    # ... do stuff
}

New-Alias -Name 'Get-ChildItem' -Value 'My-GetChildItem' -Scope Global

This way is nice because it's easier to test your function without stomping on the built-in function, and you can control when the cmdlet is overridden or not within your code.

To remove the alias:

Remove-Item 'Alias:\Get-ChildItem' -Force

Know the Command Precedence

about_Command_Precedence lists the order in which commands of different types are interpreted:

If you do not specify a path, Windows PowerShell uses the following precedence order when it runs commands:

Alias

Function

Cmdlet

Native Windows commands