There are situations, for example, when an employee leaves a company when it is necessary to find all the files owned by a specific user so that the files can be moved, deleted or the owner of those files changed.
Manual methods can be time-consuming, so it is preferable to find an automated way of working. One method is to use PowerShell scripts. For example, the PowerShell script provided below enables you to find all files on a share or in a specified folder that have a particular owner in their ACL by using the Get-ChildItem and Get-Acl cmdlets.
However, even with this script, generating the output file can take a lot of time if there are many files to parse on your file server.
A solution to this is to use the Lepide Auditor and run the Permissions by Object Report.
Here are two ways to find files by the owner and they are described below.
- Using the PowerShell Script
- Using the Lepide Auditor
Track Files by Owner Using PowerShell
Please follow the below steps:
- Open the PowerShell ISE
- Run the following script on the workstation, specifying the network path of a file share or file system, the file owner’s name, and the file path for export to CSV:
[String]$username = "Multicorp\Paul" [String]$username = "Multicorp\Paul" [String]$outfile = "C:\Dataowner.csv" [String]$sharepath = "\\112.136.02.284\Multicorp" $path = Get-ChildItem $sharepath -Recurse Foreach( $file in $path ) { $f = Get-Acl $file.FullName if( $f.Owner -eq $username ) { Write-Host( "{0}"-f $file.FullName | Out-File ` -Encoding "UTF8" ` -FilePath $outfile -Append) } } | Export-Csv "C:\owner.csv"
- Open the file produced by the script
Find Files by Owner Using the Lepide Auditor
This native way to find files by owner is both time-consuming and complex. A more straightforward solution to this is to use the Permissions by Object Report from the Lepide Auditor:
- Click the Permissions & Privileges icon and choose Permissions by Object
- Select the required file server and click Generate Report
Learn more about NTFS permissions analysis by Lepide Auditor.