So this is giving me an idea of what I am up against:
$Server = "\\<server>"
$UserPath = "\<user folder path>"
$FolderPath = $Server + $UserPath
$AllOrphanedFolders = Get-ChildItem -path $FolderPath | Where-Object
{$_.PSIsContainer -eq $True} | Get-OrphanedAce
$TotFolderSize = 0
ForEach ($OrphanedFolder in $AllOrphanedFolders) {
$FolderSize = (Get-ChildItem -Path $OrphanedFolder.FullName
-recurse -Force -ErrorAction SilentlyContinue | Measure-Object
-Property length -sum).sum / 1mb
$TotFolderSize+= $FolderSize
}
$TotFS = "{0:n2}" -f $TotFolderSize + " MB"
Write-Host "Total size = " $TotFS
I'll probably have to loop through all the orphaned folders; take
ownership of each folder and file within; grant access to specific
accounts; move them out of that folder path, to a separate drive we
will be creating just for previous employee's user folders.
Something to look forward to, I guess. :-)
Thanks for the hints, and the link to that module.
On Thu, Apr 23, 2015 at 4:37 AM, Emin <[email protected]> wrote:
> Hi,
>
> There's a nice module on the Technet Gallery for this.
> https://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85
> It has the following command documented:
> dir -Recurse | Get-OrphanedAce | Remove-Ace
>
>
> On Wed, Apr 22, 2015 at 8:43 PM, Michael Leone <[email protected]> wrote:
>>
>> So we have a file server, whose main function is to hold user home
>> folders. Now, when users leave the company, we have a protocol to use
>> (disable user in AD; move to special OU; every few months, we delete
>> those accounts of ex-employees). What we don't seem to do is do
>> anything with the user's home folder. So I end up with folders that
>> have ACLs that still point to non-existent SIDs. And I want to
>> enumerate these, so I can make a special backup, then delete these
>> folders, for space reasons.
>>
>> I know I can do:
>>
>> $ACL = Get-ACL <filepath>
>> $ACL.Access | Select-Object -ExpandProperty IdentityReference
>>
>> and it lists just the user/group that has access And one is just a
>> SID, of course, because the AD account has been deleted.
>>
>> So what I need to do is produce a report of all folders that have just
>> a bare SID in the ACL. (eventually, we will take ownership of said
>> folder, and then move the contents to a special folder; back it up;
>> then delete it).
>>
>> So what would be the best way to do this - get a list of folders with
>> a bare SID? Is what I show above a good way (with a WHERE clause,
>> etc), or is there a better way?
>>
>> Thanks
>>
>>
>> ================================================
>> Did you know you can also post and find answers on PowerShell in the
>> forums?
>> http://www.myitforum.com/forums/default.asp?catApp=1
>>
>
>
> ================================================
> Did you know you can also post and find answers on PowerShell in the forums?
> http://www.myitforum.com/forums/default.asp?catApp=1
================================================
Did you know you can also post and find answers on PowerShell in the forums?
http://www.myitforum.com/forums/default.asp?catApp=1
