Specials Get-Acl and Set-Acl rules on directories

Harm_Veenstra

Thanks a lot For Everything, the script doesn't look clean but still is nice and fully working.

Nice!

All good! I finaly got the Answer....
Here Is the script:

$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'Direct' | Get-Acl
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'DSS' | Get-Acl
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'Flux' | Get-Acl

$Usergroup="Accès Fichiers"
$fileSystemRights="Read"
$InheritanceFlag="ContainerInherit,ObjectInherit"
$PropagationFlag="None"
$AccessControlType="Allow"

#Permet de désactiver l'héritage des autorisations du dossier:

$NewAcl=$Data1
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data1
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule($Usergroup, $fileSystemRights, $InheritanceFlag, $PropagationFlag, $AccessControlType)
$Acl.addAccessrule($rule)
$Acl | Set-Acl

#Copier les autorisations sur les autres dossiers:

$NewAcl=$Data2
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data2
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule($Usergroup, $fileSystemRights, $InheritanceFlag, $PropagationFlag, $AccessControlType)
$Acl.addAccessrule($rule)
$Acl | Set-Acl

$NewAcl=$Data3
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data3
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule($Usergroup, $fileSystemRights, $InheritanceFlag, $PropagationFlag, $AccessControlType)
$Acl.addAccessrule($rule)
$Acl | Set-Acl

Everything all Set and works fine!

Last Question over this topic, I rearranged my script and now it works fine, but I can't use the propagation flags after the System.Security.AccessControl.FileSystemRule("User","InheritOnly","Read","Allow").
I tried Changing the order and don't get any better results. I always get an error:
New-Object : Cannot find an overload for "FileSystemAccessRule" and the argument count: "4".

I don't understand why cant I put 4 arguments when normaly you can enter the user/group, ACL, Propagation and Inheritance Flags and also Acces Type... Could someone give me some help with it?

Here is The Script:
$Data1=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'Direct' | Get-Acl
$Data2=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'DSS' | Get-Acl
$Data3=Get-ChildItem C:\Users\Administrateur\Software\Clients\ -Recurse | Where-Object -Property Name -Contains 'Flux' | Get-Acl

#Permet de désactiver l'héritage des autorisations du dossier:

$NewAcl=$Data1
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data1
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule("Accès Fichiers","InheritOnly","Read","Allow")
$Acl.addAccessrule($rule)
$Acl | Set-Acl

#Copier les autorisations sur les autres dossiers:

$NewAcl=$Data2
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data2
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule("Accès Fichiers","InheritOnly","Read","Allow")
$Acl.addAccessrule($rule)

$Acl | Set-Acl

$NewAcl=$Data3
$NewAcl.SetAccessRuleProtection($true,$true)
$NewAcl | Set-Acl

#Permet de donner les autorisations pour le groupe:

$Acl=$Data3
$rule=New-Object System.Security.AccessControl.FileSystemAccessRule("Accès Fichiers","InheritOnly","Read","Allow")
$Acl.addAccessrule($rule)
$Acl | Set-Acl

And The Error: (In French)
New-Object : Surcharge introuvable pour « FileSystemAccessRule » et le nombre d'arguments « 4 ».
Au caractère C:\Users\Administrateur\Documents\Bon Script.ps1:14 : 7
+ $rule=New-Object System.Security.AccessControl.FileSystemAccessRule(" ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (:) [New-Object], MethodException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

New-Object : Surcharge introuvable pour « FileSystemAccessRule » et le nombre d'arguments « 4 ».
Au caractère C:\Users\Administrateur\Documents\Bon Script.ps1:27 : 7
+ $rule=New-Object System.Security.AccessControl.FileSystemAccessRule(" ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (:) [New-Object], MethodException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

New-Object : Surcharge introuvable pour « FileSystemAccessRule » et le nombre d'arguments « 4 ».
Au caractère C:\Users\Administrateur\Documents\Bon Script.ps1:39 : 7
+ $rule=New-Object System.Security.AccessControl.FileSystemAccessRule(" ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (:) [New-Object], MethodException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand

No problem, glad to help... Please mark my answer as solution to mark this as solved 🙂