Occasionally, you’ll find a file server that has had permissions no longer inherited in a bunch of seemingly random places and it can be difficult to sort out where to begin with necessary changes moving forward.
I happen to stumble upon how to get better visibility into inheritance with Powershell:
dir c:\test -Directory -recurse | get-acl |
Where {$_.AreAccessRulesProtected} |
Select @{Name="Path";Expression={Convert-Path $_.Path}},AreAccessRulesProtected |
ft -AutoSize
In the example below, I created a test directory, C:\test, breaking inheritance of the subfolder, ‘notinherited.’
You’ll note that this folder is showing that AreAccessRulesProtected attribute to be true, indicating inheritance has been disabled.
