A work in Progress. #powershell

Recently ran into a situation. There is a data move happening where the destination is to a DFS location mapped to a NetApp. Normally, you'd be thinking, "Cool, robocopy can slide the data over with the permissions in tact." Well, no. The controller on the NetApp is configured in such a way that NTFS permissions get blocked. 

After doing some reading on this, I am fairly certain that there is a configuration "mistake" on the NetApp CIFS shares. Regardless, things being as they are, I do not have visibility into this NetApp, so I'm speculating. 

Ahhh, but in comes a Powershell module I've been using for various tasks for about 6 months now. It's a good one. Here is a link to it on the Powershell Gallery -----> Link

This module actually works. I know what you're thinking. Why not use the built in Get-Acl and Set-Acl commandlets we all know and love? Because these also fail (due to the aforementioned NetApp issue, specifically related to ownership permissions being out of sorts on the CIFS configuration. My theory anyways.)

And so, because this module allows you to directly apply NTFS permissions to the out of sorts NetApp shares, well, I decided I needed to script it. This is a work in progress, and while it "works", it doesn't work exactly right yet. I need to straighten out some of the logic concerning the accounts and/or groups and their related permissions. And I'll probably document this powershell module further at a later date. But for now, I'm placing the beginnings of this script here so I can come back to it later. Have a gander, and feel free to fix or improve this start. A working script is the goal, and saving time and drudgery is the reward.

$dir = "SourceDirectory"

$folders = get-childitem $dir | where { $_.PsIsContainer}

forEach ($folder in $folders)  {
    
    $path = $folder.fullname
    $trustees = Get-NTFSAccess $path
    

    forEach ($acc in $trustees ) {
        
        $newdir = "DestinationDirectory"
        $trustee = $acc.Account.AccountName
        $permissions = $acc.AccessRights
        Add-NtfsAccess -Path $newdir -Account $trustee -AccessRights $permissions
    }
}