Skip to content

Instantly share code, notes, and snippets.

@ScriptingPro
Last active February 3, 2020 22:07
Show Gist options
  • Save ScriptingPro/7d02b5318f2962865b4e4044f251383d to your computer and use it in GitHub Desktop.
Save ScriptingPro/7d02b5318f2962865b4e4044f251383d to your computer and use it in GitHub Desktop.
Removes Everyone including Inherited Everyone
# run as admin
# USE WITH CAUTION and test for desired results
gci -Recurse -Directory | %{
$Descriptor = Get-Acl $_.FullName
# first look for inherited access to we can disable inheritance and copy the AuthorizationRuleCollection
$InheritedAccess2Remove = $Descriptor.Access | ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $true}
if($InheritedAccess2Remove){
$Descriptor.SetAccessRuleProtection($True, $True)
Set-Acl -Path $_.FullName -AclObject $Descriptor
}
# now remove all explicitly defined access including what we converted above
$Descriptor = Get-Acl $_.FullName
$Access2Remove = $Descriptor.Access | ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $false}
if($Access2Remove){
$Descriptor.RemoveAccessRule($Access2Remove)
Set-Acl -Path $_.FullName -AclObject $Descriptor
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment