Endpoint Encryption

I need to correct a large number of PGP NetShare volumes.  I would like to walk a directory tree with Powershell, pipe it through pgpnetshare.exe and make sure the Group Admin, Admin and user list are set properly.  I will be doing this with the organization ADK.  Currently I'm going through the folder structure by hand and re-encrypting as I go, but I would imagine that I can do this with Powershell (I just haven't used it before).

I've started by trying the following, where I can see the permissions set for a few folders:

$file = Get-ChilItem <base directory>

foreach ($file in $files) {pgpnetshare --list $file}

Any help/direction would be greatly appreciated.

I don`t think you need powershell.

Use something like this. You will need to correct parameters and values.

pgpnetshare.exe folder --reencrypt-delta  --signer "PGP Additional Decryption Key" --passphrae password  --group --recipient username --recipient username2 --recipient-owner  Adminuser --verbose --output-file output.txt

This might be of help:

Usage: PGPNetShare

[Commands]
     --version                 Show application version information
 -h  --help                    Print out help about this application
 -e  --encrypt                 Encrypt files or folders
 -d  --decrypt                 Decrypt files or folders
     --reencrypt               Reencrypt files or folders
     --reencrypt-full          Perform full re-encryption
     --reencrypt-delta         Reencrypt files or folders in delta mode
 -c  --reencrypt-clone         Reencrypt files or folders in clone mode
 -l  --list                    List file or folder ACL
     --list-xml                List file or folder ACL as XML
 -v  --verify                  Verify file or folder encryption
     --lock-all                Lock all files and folders
     --unlock                  Unlock a file or folder
     --set-driver              Set the NetShare Driver State
     --get-driver              Prints the NetShare Driver State

     Driver State:             {active | passive}

[Options]
 -r  --recipient               Specify a recipient
     --recipient-owner         Specify a recipient (Admin role)
     --recipient-operator      Specify a recipient (Group Admin role)
     --recipient-remove        Specify a recipient to be removed
     --recipient-xml           Specify list of recipients as XML
 -g  --group                   The name of a target group
     --group-operator          The name of a target group (Group Admin role)
 -s  --signer                  Specify the signer for this operation
     --signer-passphrase       Specify the passphrase of signer--
     --signer-passphrase-fd    Passphrase of signer from file descriptor
 -p  --passphrase              Passphrase to use for the operation
     --passphrase-fd           Read passphrase from a file descriptor
     --adk                     Specify an additional decryption key
     --public-keyring          Specify a public keyring file
     --private-keyring         Specify a private keyring file
 -u  --universal-server        Specify a Universal server
     --auth-username           User name for Universal server
     --auth-passphrase         Passphrase of user for Universal server
     --auth-passphrase-fd      Passphrase for Universal server from file desc.
     --output-file             File to use for log output

[Flags]
     --verbose                 Print additional information
     --remote                  Search on key servers
     --force                   Force decryption of files. Make backups first
     --halt-on-error           Stop operation on very first error
     --local-mode              Do not integrate with PGP SDK
     --preserve                Preserve certain file attributes
 -q  --quiet                   Quiet mode