Forum Discussion

Frenchy81100's avatar
Frenchy81100
Copper Contributor
Nov 14, 2022

Specials Get-Acl and Set-Acl rules on directories

Hello Everyone, 

 

I'm managing to create a script for a company I am working with, and unfortunately, I'm stuck. 

 

The company wants some people to only access few directories using that path model: 

C:\Users\Admin\Software\Clients\(Name of the clients)\DSS. 

Each directory (Name of the clients) contains the same directories (DSS, OSS, Direct, Flux, Opex). 

 

1 Group can only access DSS, Direct And Flux directories in read only mode, and can't access OSS and Opex directories. 

 

I got stuck here because of the (Name of the clients) directories... I tried to put it like so: 

C:\Users\Admin\Software\Clients\*\DSS

But it only reaches the first directory and don't applies on the other directories of Clients.

 

Can somebody please help me? 

Windows PowerShell
  • Harm_Veenstra's avatar
    Harm_Veenstra
    Nov 15, 2022

    $Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse | where-object Name -eq Direct

    Does that work? I don't think the * works... Nope, it doesn't 🙂 

     

     

  • Harm_Veenstra's avatar
    Harm_Veenstra
    MVP
    Nov 14, 2022
    Could you share the part of your script in which you set the permissions? Are you missing the inheritance flags?
    • Frenchy81100's avatar
      Frenchy81100
      Copper Contributor
      Nov 15, 2022
      $NativeFolder=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse
      $Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Direct -Directory -Recurse
      $Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\DSS -Directory -Recurse
      $Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Flux -Directory -Rercurse

      foreach ($Data1 in $NativeFolder)
      {

      $acl=Get-Acl $Data1
      $AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
      $acl.SetAccessRule($AccessRule)
      $acl | Set-Acl $Data1
      }

      Foreach ($Data2 in $NativeFolder)
      {

      $acl=Get-Acl $Data2
      $AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
      $acl.SetAccessRule($AccessRule)
      $acl | Set-Acl $Data2
      }

      Foreach ($Data3 in $NativeFolder)
      {

      $acl=Get-Acl $Data3
      $AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
      $acl.SetAccessRule($AccessRule)
      $acl | Set-Acl $Data3
      }


      Here Is the script, I already overwrite the Inheritance of the Folders up to C:\Users\Administrator\Software\Clients so I don't get stuck here.
      The really problem is that it needs to go inside the "Clients" Folder and access to all the folders inside of it (Name of the clients) and set Access on the Folders set by $Data1, $Data2 and $Data3.

      But when I do That, it lacks every folder of the (Name of the clients) one.
      • Harm_Veenstra's avatar
        Harm_Veenstra
        MVP
        Nov 15, 2022
        Did just a quick scan now, Aélys? It has a special character in it, if you try the DNS name instead of the Netbios name?

Resources