I have looked all over and I can only find examples of filtering an array by a single value, not an object by an array.

Here is what I have that works but seems kludgy to use a foreach loop, is there a way to filter my object by my array of "bad users"?

$permissions = dir -Recurse $path | where { $_.PsIsContainer } | ForEach-Object { $path1 = $_.fullname; Get-Acl $_.Fullname | ForEach-Object { $_.access }}         

$arrFilterDefaulsOut = @('NT AUTHORITY\SYSTEM','BUILTIN\Administrators','BUILTIN\Users','CREATOR OWNER')
foreach ($filter in $arrFilterDefaulsOut) {
    $permissions = $permissions | Select-Object * | Where-Object -property IdentityReference -ne $filter 
}

$permissions | Select-Object *| Export-Csv $finalReport 

I have tried using -notcontains but that seems to do nothing

CodePudding user response：

If I understand you correctly you want to filter out the defined identities, so you can do:

$permissionFiltered = $permissions | where-object {$arrFilterDefaulsOut -notcontains $_.IdentityReference}

CodePudding user response：

I think I understand what you were trying to do before with Add-Member before, this is how I would streamline the process keeping it efficient using an anonymous function that filters those FileSystemAccessRule where IdentityReference is not in the $arrFilterDefaulsOut array and creates new objects from those rules adding the absolute path of the folders.

Get-ChildItem -Recurse $path -Directory -PipelineVariable folder | & {
    begin {
        $arrFilterDefaulsOut = @(
            'NT AUTHORITY\SYSTEM'
            'BUILTIN\Administrators'
            'BUILTIN\Users'
            'CREATOR OWNER'
        )
    }
    process {
        foreach($rule in (Get-Acl $_.FullName).Access) {
            if($rule.IdentityReference -notin $arrFilterDefaulsOut) {
                $rule | Select-Object @{ N='Path'; E={ $folder.FullName }}, *
            }
        }
    }
} | Export-Csv path\to\report.csv -NoTypeInformation