PoshCode Archive  Artifact [6130bc53eb]

Artifact 6130bc53eb0e24f575afd1b29d09296aed02af58b1fe6895515c492d13effe9b:

  • File Home-Directory-Perms.ps1 — part of check-in [9687c8b381] at 2018-06-10 13:28:36 on branch trunk — Completely redoes Home Directory Perms (user: Littlegun size: 2402)

# encoding: ascii
# api: powershell
# title: Home Directory Perms
# description: Completely redoes Home Directory Perms
# version: 0.1
# author: Littlegun
# license: CC0
# x-poshcode-id: 3641
# x-archived: 2012-09-21T03:34:08
# x-published: 2012-09-14T11:23:00
#
#

$FolderPath = "\\site filer\userdata$\"


$rootfolder = Get-ChildItem -Path $FolderPath -recurse 
foreach ($file in $rootfolder) {
        $file.FullName
        Get-Acl $file.FullName | Format-List
            $acl = Get-Acl $file.FullName 
            $acl.Access | %{$acl.RemoveAccessRule($_)} 
      #Values ($False, $True) place Administrators,Domain Admins and System.
            $acl.SetAccessRuleProtection($False, $True) 
            $Rights = [System.Security.AccessControl.FileSystemRights]::FullControl
            $inherit = [System.Security.AccessControl.FileSystemAccessRule]::ContainerInherit -bor [System.Security.AccessControl.FileSystemAccessRule]::ObjectInherit
            $Propagation = [System.Security.AccessControl.PropagationFlags]::None
            $Access = [System.Security.AccessControl.AccessControlType]::Allow
            $acct=New-Object System.Security.Principal.NTAccount("Builtin\Administrators") 
            $acl.SetOwner($acct) 
            Set-Acl $file.FullName $acl 
            Get-Acl $file.FullName  | Format-List
            
        }

Write-Host "##########################################" -ForegroundColor Green
Write-Host "#                                        #" -ForegroundColor Green
Write-Host "#Adding user specific Permissions now    #" -ForegroundColor Green
Write-Host "#                                        #" -ForegroundColor Green
Write-Host "##########################################" -ForegroundColor Green

$rootfolder = Get-ChildItem -Path $FolderPath -recurse 
foreach ($userfolder in $rootfolder) {
        $userfolder.FullName
        If (get-user "DomainName\$userfolder") {
            Get-Acl $userfolder.FullName | Format-List
            $acl = Get-Acl $userfolder.FullName
            $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($userfolder.Name,"Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
            $acl.AddAccessRule($rule)
            Set-Acl $userfolder.FullName $acl
            Get-Acl $userfolder.FullName  | Format-List
            }
       
}