Setting ACL Over writes Audits

This topic contains 2 replies, has 2 voices, and was last updated by  ertuu85 1 year, 10 months ago.

  • Author
    Posts
  • #32023

    ertuu85
    Participant

    I'm trying to write a script so that if a certain user has too many permissions on it, it deletes it out of the folder...the issue is it's currently also removing all the audits that exist on the folder...

    Below is a snippet of the function:

            foreach($acl in (get-acl $path).access | ?{$_.identityreference -eq $user} | ? {$_})
    	{
    		if($acl.filesystemrights -notmatch $permissions)
    		{
    			try
    			{
    				$x = (get-item -force $path).GetAccessControl('Access')
    				$x.removeaccessruleSpecific($acl)
    
    				set-acl $path -aclobject $x -erroraction stop
    			}
    			catch
    			{
    				$badgrab+=@("$user is a general user with improper permissions")
    			}
    										
    		}
    	}
    

    On the set-acl it wipes the existing audits...is there a way to remove/set an ACL without deleting the audits?

  • #32038

    Rohn Edwards
    Participant

    This a bug caused by the file system provider in PowerShell. Set-Acl for files and folders has lots of issues (some have been fixed in version 5), so I generally recommend against using it at all. Instead, you can do this:

    (Get-Item $Path).SetAccessControl($x)
    
  • #32039

    ertuu85
    Participant

    AHHHHH, well that frustrates me!

    Thanks a lot, your solution worked like a charm

You must be logged in to reply to this topic.