So we have a file server, whose main function is to hold user home folders. Now, when users leave the company, we have a protocol to use (disable user in AD; move to special OU; every few months, we delete those accounts of ex-employees). What we don't seem to do is do anything with the user's home folder. So I end up with folders that have ACLs that still point to non-existent SIDs. And I want to enumerate these, so I can make a special backup, then delete these folders, for space reasons.
I know I can do: $ACL = Get-ACL <filepath> $ACL.Access | Select-Object -ExpandProperty IdentityReference and it lists just the user/group that has access And one is just a SID, of course, because the AD account has been deleted. So what I need to do is produce a report of all folders that have just a bare SID in the ACL. (eventually, we will take ownership of said folder, and then move the contents to a special folder; back it up; then delete it). So what would be the best way to do this - get a list of folders with a bare SID? Is what I show above a good way (with a WHERE clause, etc), or is there a better way? Thanks ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1
