Forum Discussion
Frenchy81100
Nov 14, 2022Copper Contributor
Specials Get-Acl and Set-Acl rules on directories
Hello Everyone, I'm managing to create a script for a company I am working with, and unfortunately, I'm stuck. The company wants some people to only access few directories using that path m...
- Nov 15, 2022
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse | where-object Name -eq Direct
Does that work? I don't think the * works... Nope, it doesn't š
Frenchy81100
Nov 15, 2022Copper Contributor
$NativeFolder=Get-ChildItem C:\Users\Administrateur\Software\Clients -Directory -Recurse
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Direct -Directory -Recurse
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\DSS -Directory -Recurse
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Flux -Directory -Rercurse
foreach ($Data1 in $NativeFolder)
{
$acl=Get-Acl $Data1
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data1
}
Foreach ($Data2 in $NativeFolder)
{
$acl=Get-Acl $Data2
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data2
}
Foreach ($Data3 in $NativeFolder)
{
$acl=Get-Acl $Data3
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data3
}
Here Is the script, I already overwrite the Inheritance of the Folders up to C:\Users\Administrator\Software\Clients so I don't get stuck here.
The really problem is that it needs to go inside the "Clients" Folder and access to all the folders inside of it (Name of the clients) and set Access on the Folders set by $Data1, $Data2 and $Data3.
But when I do That, it lacks every folder of the (Name of the clients) one.
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Direct -Directory -Recurse
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\DSS -Directory -Recurse
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\*\Flux -Directory -Rercurse
foreach ($Data1 in $NativeFolder)
{
$acl=Get-Acl $Data1
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data1
}
Foreach ($Data2 in $NativeFolder)
{
$acl=Get-Acl $Data2
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data2
}
Foreach ($Data3 in $NativeFolder)
{
$acl=Get-Acl $Data3
$AccessRule=New-Object System.Security.AccessControl.FileSystemAccessRule("AĆ©lys\LIST","ReadPermissions","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $Data3
}
Here Is the script, I already overwrite the Inheritance of the Folders up to C:\Users\Administrator\Software\Clients so I don't get stuck here.
The really problem is that it needs to go inside the "Clients" Folder and access to all the folders inside of it (Name of the clients) and set Access on the Folders set by $Data1, $Data2 and $Data3.
But when I do That, it lacks every folder of the (Name of the clients) one.
Nov 15, 2022
Did just a quick scan now, AĆ©lys? It has a special character in it, if you try the DNS name instead of the Netbios name?
- Frenchy81100Nov 15, 2022Copper Contributor
I tried without the "Ć©" and it didn't work either (modified in the active directory), it could have been that but i think it can't reach each folders of the folder "Clients"
- Nov 15, 2022Perhaps you should take Ownership first?
$ACL = Get-ACL .\smithb
$Group = New-Object System.Security.Principal.NTAccount("Builtin", "Administrators")
$ACL.SetOwner($Group)
Set-Acl -Path .\smithb\profile.v2 -AclObject $ACL
https://learn-powershell.net/2014/06/24/changing-ownership-of-file-or-folder-using-powershell/- Frenchy81100Nov 15, 2022Copper ContributorYes I already am the owner of all the folders and files