Enumerating ACLs stalls OS

[soulemike]

Enumerating ACLs in large environments can cause system resource exhaustion in large environments.

I have been able to update the Function Get-ADRACL to include -SearchBase $DnBase and $objSearcherPath.SearchRoot = "LDAP://$DnBase" using an additional property, but that isn't ideal.

The property could be brought into the helper Function Invoke-ADRecon or could be used to iterate through the subtrees as smaller chunks.

Let me know if you want me to merge the -SearchBase and SearchRoot as an example to test with.

[prashant3535]

That module has been on my todo list for refactor for a while :(

Go for it

[soulemike]

I haven't had time to update this into the PR, but I think a quick optimization is to distribute the file writes within a single module. Currently it appears all writes are held in memory until a single write operation at the conclusion of the module.

Here is an example Gist using a subset of the DACL module that iterates over DN Bases and does appending writes. This may not be efficient from a disk IO perspective and may be better to modulo the write frequency.
https://gist.github.com/Snozzberries/028dec42f1a253c2ce556aeaedb556f7

[prashant3535]

I've merged the pull request. Will have a look through the gist and merge the changes when possible. Thank @Snozzberries :)