Setting NTFS permissions using Powershell

Setting NTFS permissions using Powershell

I am currently working on a script similar to the Mass import of users in Active Direcory post I published earlier (as promised 🙂 ). In the new script I wanted to only use powershell, so I had to find a way to set ntfs permissions using powershell. After all, the cacls way is pretty outdated.
After some googling I came up with a rather extensive script, it is a little more complicated than I wanted but here goes:

$acl = Get-Acl c:test
$acl.SetAccessRuleProtection($True, $False)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
("SYSTEM","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("testuser","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Users","Read", "ContainerInherit, ObjectInherit", "None", "Allow")
Set-Acl c:test $acl
Get-Acl c:test | format-list

What it does it set the default permissions (in win7) that are inherited, in addition to full controll for “testuser”, on the folder c:test.
You can download the script here
Next step is to get this into an foreach loop…

Leave a Reply

Your email address will not be published. Required fields are marked *