Forum Discussion

MoZZa's avatar
MoZZa
Iron Contributor
Dec 01, 2020

Modifying NTFS Permissions Using the NTFSSecurity Module

Hi All, I am hoping someone can help me crack this issue. I have been tasked with changing the Access Rights on millions of files and folders for each user/group that has access to them currently. ...
  • farismalaeb's avatar
    farismalaeb
    Dec 04, 2020

    Hi MoZZa

    I tried The NTFSSecurity Module, but it seems that there still some missing features in it such as Set-NTFSAccess, or maybe I did not see it.

    anyway.

    I wrote a code that will do the following

    will read the permission from the folder to a variable, set change the value in the variable (it was hardcoded), and then apply these settings to the folder back, this will not change the Apply to scope, and the only thing that should change is the permission only and nothing else

    anyway

    i did the test on my lab and its a small scope, try it from your side and let me know

    below are some pictures of the result, Oh, did I forget to tell you that i did not use the NTFSSecurity module. 

    Before the Script

    After the Script

     

    $acl=Get-Acl -Path C:\MyTestFolder 
    foreach ($singleACL in ($acl.Access | where {($_.FileSystemRights -like "*FullControl*") -and ($_.IsInherited -like $false)})){
    $FileSystemRights=@("ReadData, Delete, Synchronize")
    $AccessControlType=$singleACL.AccessControlType
    $IdentityReference=$singleACL.IdentityReference
    $InheritanceFlags=$singleACL.InheritanceFlags
    $PropagationFlags=$singleACL.PropagationFlags
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($IdentityReference, $FileSystemRights,$InheritanceFlags, $PropagationFlags, $AccessControlType) # This folder only   
    $acl.SetAccessRule($rule)
    Set-Acl -Path C:\MyTestFolder -AclObject $acl
    }

    Try the script, and let me know

    and I hope I understand the requirement correct (sometime my bad English fails me  :facepalm:)

     

     

    ---------------- 

    If this answer helped, please click on best Response and give like 🙂

Resources