Setting ACL Question

This topic contains 2 replies, has 3 voices, and was last updated by  Michael 2 weeks, 4 days ago.

  • Author
    Posts
  • #92411

    Kody
    Participant

    Hi,

    I'm trying to set permissions on a folder then make all child folders/files inherit those permissions of the parent folder.

    Here is what I have so far. It will set the permissions to the parent but child folders/files are not getting the inherited permissions.

    $path = 'C:\temp\test'

    # Get the ACL for an existing folder

    $existingAcl = (Get-Item $path).GetAccessControl('Access')
    $allInherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit","ObjectInherit"

    # Set the permissions that you want to apply to the folder

    $permissions = $env:username,"FullControl",$allInherit,"None","Allow"

    # Create a new FileSystemAccessRule object

    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule $permissions

    # Modify the existing ACL to include the new rule

    $existingAcl.SetAccessRule($rule)

    #Enable Inheritance

    $existingAcl.SetAccessRuleProtection($false,$true)

    # Apply the modified access rule to the folder

    Set-Acl -path $path -AclObject $existingAcl

    Any help is appreciated, thanks!

  • #92416

    Jon
    Participant

    https://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85

    Using NTFS module and inheritance

    Personally I find doing ACL's natively with powershell is awful, check out the module above. Much easier to work with.

  • #92627

    Michael
    Participant

    Example 3 from the MS Docs page at https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-acl?view=powershell-5.1 shows how to iterate through the child objects of the parent directory to accomplish this.

    Looks like a simple change to the last line like below:

    Get-ChildItem -Path $path -Recurse -Force | Set-Acl -AclObject $existingAcl

You must be logged in to reply to this topic.