How do I recursively check Folder Permissions?

When reviewing permissions on folders, it’s often important to not only know what groups have been assigned access, but to show the members of those groups as well (all in a single report).  And what if those groups have nested groups? We should be able to recurse those as well.

This script achieves the following:

  • Recurse all folders from the parent
  • Checks the ACLs applied to every folder found
  • Extrapolates any groups with ACLs and recurse any nested groups found
  • Outputs the each users rights, including the group name that gave them access


The output is a CSV file, with the fields:  <foldername> ^ <ACL Permissions> ^ <Group name or ‘Direct Assignment’> ^ <Users name>

Like this:



Leave a Reply

Your email address will not be published. Required fields are marked *