Automatically creating folders per user and assigning correct permissions

Welcome Forums General PowerShell Q&A Automatically creating folders per user and assigning correct permissions

This topic contains 1 reply, has 2 voices, and was last updated by

 
Keymaster
4 months ago.

  • Author
    Posts
  • #130857

    Participant
    Topics: 1
    Replies: 0
    Points: 13
    Rank: Member

    Hi, I have this script I'm currently working on that creates a folder for each user with their own name on a share.

    So the situation is: E:/Scans/user/
    This should be like their own "homefolder" and should be created upon login. If it's already created, nothing should happen.

    Now I have a script that creates this folder with permissions, however I can not get the permissions to go right.

    
    ### RIVA-IT B.V.
    ### TBN Scan Map Creation Script
    
    $homedir="\\WIN-HNF1R0TNHGH\E\Scans\$($ENV:USERNAME)"
    
    if (-not (Test-Path "$homedir"))
    {
    $acl = Get-Acl (New-Item -Path $homedir -ItemType Directory)
    
    $acl.SetAccessRuleProtection($false, $true)
    
    $ace = "$($env:USERDOMAIN)\$($ENV:USERNAME)","FullControl", "ContainerInherit,ObjectInherit","None","Allow"
    $objACE = New-Object System.Security.AccessControl.FileSystemAccessRule($ace)
    $acl.AddAccessRule($objACE)
    Set-ACL -Path "$homedir" -AclObject $acl
    }
    net use x: \\WIN-HNF1R0TNHGH\E\Scans\$($env:username)

    is my current code.

    I put the permissions as follow on the folders:

    E:/ permissions:
    Sharing: http://prntscr.com/lwuv7a
    Security: http://prntscr.com/lwuvjt

    /folder/ permissions:
    Sharing: not shared
    Security: http://prntscr.com/lwuwj0

    then, user logs in, runs the script, and this is the permissions on their folder:

    /name/ permissions;
    Sharing: not shared
    Security: http://prntscr.com/lwuxf6

    I don't understand Powershell at all, and really can't get it to work. Could anyone please assist with this?

    When I have all the permissions correct, the users are still able to look through each folder.

    Kind Regards,

    Sven

  • #131093

    Keymaster
    Topics: 13
    Replies: 4872
    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    There's a feature of Windows called Access-Based Enumeration, or ABE, you need to look into. Not having permission to a file does not ordinarily stop you from seeing that the file exists, which is what ABE turns on.

The topic ‘Automatically creating folders per user and assigning correct permissions’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort