How it works...

This recipe begins, in step 1, by defining a hash table of the permissions that you can use in a printer's DACL. In step 2, you use the Get-CimInstance cmdlet to retrieve the WMI object relating to the Sales Group color printer.

In step 3, you use the GetSecurityDescriptor method of the printer object to get the DACL for this printer. The DACL, which you store in the $DACL variable, is an array of individual Win32_ACE objects.

In steps 4 you examine each Ace in the DACL to get, decode, and display the details of the permission expressed by this Ace entry. In step 5, you iterate through the permissions (as defined in step 1). In step 6, you check to see if the flag matches the AccessMask property of the Ace. If the entry matches, you determine the ace type in step 6. In step 7, you get the permission type nicely formatted. Finally, in step 8, you display the particular permissions. The output from the final step in this recipe looks like this: