Forum Discussion
Frenchy81100
Nov 14, 2022Copper Contributor
Specials Get-Acl and Set-Acl rules on directories
 Hello Everyone,      I'm managing to create a script for a company I am working with, and unfortunately, I'm stuck.      The company wants some people to only access few directories using that path m...
- Nov 15, 2022$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse | where-object Name -eq Direct 
 Does that work? I don't think the * works... Nope, it doesn't 🙂
Nov 14, 2022
Could you share the part of your script in which you set the permissions? Are you missing the inheritance flags?
Frenchy81100
Nov 15, 2022Copper Contributor
$NativeFolder=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Direct -Directory -Recurse
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\DSS -Directory -Recurse
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Flux -Directory -Rercurse
foreach ($Data1 in $NativeFolder)
{
$acl=Get-Acl $Data1
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data1
}
Foreach ($Data2 in $NativeFolder)
{
$acl=Get-Acl $Data2
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data2
}
Foreach ($Data3 in $NativeFolder)
{
$acl=Get-Acl $Data3
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data3
}
Here Is the script, I already overwrite the Inheritance of the Folders up to C:\Users\Administrator\Software\Clients so I don't get stuck here.
The really problem is that it needs to go inside the "Clients" Folder and access to all the folders inside of it (Name of the clients) and set Access on the Folders set by $Data1, $Data2 and $Data3.
But when I do That, it lacks every folder of the (Name of the clients) one.
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Direct -Directory -Recurse
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\DSS -Directory -Recurse
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Flux -Directory -Rercurse
foreach ($Data1 in $NativeFolder)
{
$acl=Get-Acl $Data1
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data1
}
Foreach ($Data2 in $NativeFolder)
{
$acl=Get-Acl $Data2
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data2
}
Foreach ($Data3 in $NativeFolder)
{
$acl=Get-Acl $Data3
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("Aélys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data3
}
Here Is the script, I already overwrite the Inheritance of the Folders up to C:\Users\Administrator\Software\Clients so I don't get stuck here.
The really problem is that it needs to go inside the "Clients" Folder and access to all the folders inside of it (Name of the clients) and set Access on the Folders set by $Data1, $Data2 and $Data3.
But when I do That, it lacks every folder of the (Name of the clients) one.
- Nov 15, 2022Did just a quick scan now, Aélys? It has a special character in it, if you try the DNS name instead of the Netbios name?- Frenchy81100Nov 15, 2022Copper ContributorI tried without the "é" and it didn't work either (modified in the active directory), it could have been that but i think it can't reach each folders of the folder "Clients" - Nov 15, 2022Perhaps you should take Ownership first?
 $ACL = Get-ACL .\smithb
 $Group = New-Object System.Security.Principal.NTAccount("Builtin", "Administrators")
 $ACL.SetOwner($Group)
 Set-Acl -Path .\smithb\profile.v2 -AclObject $ACL
 https://learn-powershell.net/2014/06/24/changing-ownership-of-file-or-folder-using-powershell/