Posts tagged Permissions
Setting ACLs in PowerShell
0So, first post on this site and I thought I’d start things off with a little bit of PowerShell. Until recently I’d managed to make use of other means for modifying ACLs however thanks to some recent work with System Centre Orchestrator I thought I’d try to push myself down the Powershell route.
For my particular needs I simply required the ability to provide a new ACL and apply this to the root of a user’s home folder. Many guides on working with ACLs and PowerShell suggest starting with the Get-ACL command, however in my case I wasn’t interested in finding the existing information but starting from scratch.
Let’s create a new ACL and give it the variable name of $HomeACL:
$HomeAcl=New-ObjectSystem.Security.AccessControl.DirectorySecurity
The first thing that I want to do is to modify the owner settings to the builtin administrators group:
$HomeAcl.SetAccessRuleProtection($true,$false)
Let’s create the variables for two entries that we require:
$UserRule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule (“Username1″,“modify”,“containerinherit, objectinherit”,“None”,“allow”)
$AdminRule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule (“administrators”,“Full”,“containerinherit, objectinherit”,“None”,“allow”)
And apply the variables to the ACL…
$HomeAcl.SetAccessRule($UserRule)
$HomeAcl.SetAccessRule($AdminRule)
So that’s our Access Control List nicely created with the settings that we require, the last thing that we need to do is to apply this to a folder. For the sake of example I’m using the directory “C:\Testdir”. To finalise your settings simply use:
set-acl“C:\TestDir”$HomeAcl
There, that doesn’t seem too bad for my first post! Here’s hoping that somebody finds it useful!