Author Posts

January 1, 2012 at 12:00 am

by spoony123 at 2012-10-28 06:17:28

Hi, i am trying to modify the NTFS permissions on some folders and forcing everything underneath to inherit. I am trying to each this by setting the parent folder with some different permissions and then effectivly using powershell to tick the :

"Replace all existing Inheritable Permissions on all descendants with inheritable permissions from this object"

I have been able to achieve setting a folder's ACL using powershell but run into problems when try to use a FOREACH loop to procees mulitple folders. I get errors about "Cannot bind arguement to parameter 'Path' because it is null"

Can anyone advise on what i am doing wrong. My code is below

#Obtain folder list
$path = gci c:\dfs\ -recurse | where-object {$_.psiscontainer -eq "True"}
#Loop Through each folder
foreach ($path in $paths)
{
#Get the acl list for folder
$acl = get-acl -path $path

#Create the addtition to the NTFS List
$new = “User1”,”FullControl”,”ContainerInherit,ObjectInherit”,”None”,”Allow”
$accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $new
$acl.SetAccessRule($accessRule)
#Apply NTFS Permisson
$acl | Set-Acl $path
}#Exit Loop[/code

by DonJ at 2012-10-28 07:39:09

It'd help to see one of those errors.

But, try using Set-ACL differently. Don't pipe anything to it. Pass everything as a named parameter. Just to make sure the cmdlet is taking everything properly.

Also, have your script output the content of $path immediately prior to whatever line is causing the error message.

by spoony123 at 2012-10-30 16:06:29

Hi There, the error i get is below. It seems to be saying it can't find the drive, i am not sure why it is looking for a drive? But it appears to be at the point when it tries to get the ACL for the folder in the ForEach loop when it hits a problem.
I am a bit stumped on this one.....

[/cGet-Acl : Cannot find drive. A drive with the name '@{Name=dfs1; FullName=C' does not exist.
At line:7 char:15
+ $acl = get-acl < <<< -path $path
+ CategoryInfo : ObjectNotFound: (@{Name=dfs1; FullName=C:String) [Get-Acl], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.GetAclCommand

Exception calling "SetAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
At line:12 char:20
+ $acl.SetAccessRule < <<< ($accessRule)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException

Set-Acl : Cannot find drive. A drive with the name '@{Name=dfs1; FullName=C' does not exist.
At line:14 char:16
+ $acl | Set-Acl < <<< $path
+ CategoryInfo : ObjectNotFound: (@{Name=dfs1; FullName=C:String) [Set-Acl], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.SetAclCommand

Get-Acl : Cannot find drive. A drive with the name '@{Name=dfs1; FullName=C' does not exist.
At line:7 char:15
+ $acl = get-acl < <<< -path $path
+ CategoryInfo : ObjectNotFound: (@{Name=dfs1; FullName=C:String) [Get-Acl], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.GetAclCommand

Exception calling "SetAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
At line:12 char:20
+ $acl.SetAccessRule < <<< ($accessRule)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException

Set-Acl : Cannot find drive. A drive with the name '@{Name=dfs1; FullName=C' does not exist.
At line:14 char:16
+ $acl | Set-Acl < <<< $path
+ CategoryInfo : ObjectNotFound: (@{Name=dfs1; FullName=C:String) [Set-Acl], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.SetAclCommandode]

by spoony123 at 2012-10-30 16:10:58

Sorry ignore last error message in post – this is the original error message

Get-Acl : Cannot find path 'dfs1' because it does not exist.
At line:7 char:15
+ $acl = get-acl < <<< -path $path
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand

You cannot call a method on a null-valued expression.
At line:12 char:20
+ $acl.SetAccessRule < <<< ($accessRule)
+ CategoryInfo : InvalidOperation: (SetAccessRule:String) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull

Set-Acl : Cannot bind argument to parameter 'AclObject' because it is null.
At line:14 char:16
+ $acl | Set-Acl < <<< $path
+ CategoryInfo : InvalidData: (:) [Set-Acl], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.SetAclCommand

Get-Acl : Cannot find path 'dfs2' because it does not exist.
At line:7 char:15
+ $acl = get-acl < <<< -path $path
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand

You cannot call a method on a null-valued expression.
At line:12 char:20
+ $acl.SetAccessRule < <<< ($accessRule)
+ CategoryInfo : InvalidOperation: (SetAccessRule:String) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull

Set-Acl : Cannot bind argument to parameter 'AclObject' because it is null.
At line:14 char:16
+ $acl | Set-Acl < <<< $path
+ CategoryInfo : InvalidData: (:) [Set-Acl], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.SetAclCommand

________________________________________________________________________________________________________________________________________________________________________

by macintx at 2012-11-05 07:53:50

In your code I don't see you listing the parameter for the Fullname
foreach ($path in $paths){$path.fullname}
you can use write-verbose or write-host while your testing to make sure that you see what your expecting to see. The $paths will show you all of the objects that GCI will bring back.

Hope this helps