ScriptingPro · February 3, 2020 22:07
diff --git a/Remove_EVERYONE+Inherited.ps1 b/Remove_EVERYONE+Inherited.ps1
 # run as admin
 # USE WITH CAUTION and test for desired results
 gci -Recurse -Directory | %{
    $Descriptor = Get-Acl $_.FullName
    # first look for inherited access to we can disable inheritance and copy the AuthorizationRuleCollection 
    $InheritedAccess2Remove = $Descriptor.Access | ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $true} 
    if($InheritedAccess2Remove){
        $Descriptor.SetAccessRuleProtection($True, $True)
        Set-Acl -Path $_.FullName -AclObject $Descriptor 
    }
    # now remove all explicitly defined access including what we converted above
    $Descriptor = Get-Acl $_.FullName
    $Access2Remove = $Descriptor.Access | ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $false} 
    if($Access2Remove){
        $Descriptor.RemoveAccessRule($Access2Remove)    
        Set-Acl -Path $_.FullName -AclObject $Descriptor 
    }

 }
	# run as admin
	# USE WITH CAUTION and test for desired results
	gci -Recurse -Directory \| %{
	$Descriptor = Get-Acl $_.FullName
	# first look for inherited access to we can disable inheritance and copy the AuthorizationRuleCollection
	$InheritedAccess2Remove = $Descriptor.Access \| ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $true}
	if($InheritedAccess2Remove){
	$Descriptor.SetAccessRuleProtection($True, $True)
	Set-Acl -Path $_.FullName -AclObject $Descriptor
	}
	# now remove all explicitly defined access including what we converted above
	$Descriptor = Get-Acl $_.FullName
	$Access2Remove = $Descriptor.Access \| ?{$_.IdentityReference -eq 'Everyone' -and $_.IsInherited -eq $false}
	if($Access2Remove){
	$Descriptor.RemoveAccessRule($Access2Remove)
	Set-Acl -Path $_.FullName -AclObject $Descriptor
	}

	}