Detecting where Folder Permissions are not Inherited with Powershell

Occasionally, you’ll find a file server that has had permissions no longer inherited in a bunch of seemingly random places and it can be difficult to sort out where to begin with necessary changes moving forward.

I happen to stumble upon how to get better visibility into inheritance with Powershell:

dir c:\test -Directory -recurse | get-acl |
Where {$_.AreAccessRulesProtected} |
Select @{Name="Path";Expression={Convert-Path $_.Path}},AreAccessRulesProtected |
ft -AutoSize
In the example below, I created a test directory, C:\test, breaking inheritance of the subfolder, ‘notinherited.’
You’ll note that this folder is showing that AreAccessRulesProtected attribute to be true, indicating inheritance has been disabled.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s