Removing access permissions

This topic contains 3 replies, has 2 voices, and was last updated by  Brian Sprogø 3 years, 5 months ago.

  • Author
  • #22446


    I'm trying to write a script that would remove all access permissions from a particular folder and replace them with a new set of permissions.
    To remove all permissions I do

    1. $acl = Get-Acl $folder
    2. foreach($access in $acl.access){
    3. $acl.RemoveAccessRuleAll($access) | Out-Null
    4. }
    5. Set-Acl $folder $acl

    however this doesn't work for some reason. When debugging I'm doing $acl | fl in line 1 and then after Set-Acl and the result is the same as if RemoveAccessRuleAll() never run.
    What do I need to modify to get this to work?

  • #22447

    Brian Sprogø

    Could it be that all of your permissions on the folder is inherited ?

    You can remove inheritance with

    $acl.SetAccessRuleProtection($True, $True)

    Info on the method here:

  • #22449


    That was it 🙂 Many thanks

  • #22451

    Brian Sprogø

    You're welcome 🙂

You must be logged in to reply to this topic.