Create a folder and set permissions on it using PowerShell

Andrew VoytasSystems Support Analyst IV
Published:
Updated:
This script checks a path to see if a folder exists.
If the folder does exist you will get output "The folder has previously been created. No action taken"
If not it will create the folder. Then adds one user modify permission to the folder.
It then verifies the folder was created.
I’m at my desk this morning running tickets. Inevitably there it is, another request for scanning. Here I go again! What is this the fifth, sixth hundredth time I’ve done this? Good lord how many people actually need to scan stuff. I know I work for the fourth largest city in the nation but this is getting ridiculous. Or maybe, just maybe I’m handling scan tickets the wrong way. After all my motto is “If it’s hard you’re doing it wrong.”

Let me run you through the process so you have a good idea of the situation. Joe Smith needs to be able to scan from a Xerox machine. He could be an employee that already has a scan folder and just needs to be added to another Xerox or he could be a new employee and needs a scan folder created. Unfortunately there is no way to tell that just by looking at the ticket.

Here we go. Step one go to the scan server. Step two open the department folder that Joe is working for. Step three scroll through the hundreds of employee folders to see if he already has a folder created. If he does great. If he doesn’t then create one. Then open the properties of that folder and give him modify rights to that folder. I know it doesn’t sound hard, and it’s not, but several hundred times into it and one of your nerves will start twitching too.

A few months ago my subconscious told me, I bet PowerShell could do this faster than you can. The thought entered and left just as fast. This morning however was a different story. I looked at the ticket and said today is the day. Today my friend we are going to make your life a little sweeter that it already is. And so it began.

My feet have already gotten wet in the PowerShell pond but I am a far way off from a PowerShell baptism.  What’s a guy to do? Google, that’s what. I found several scripts that were already written, modified them to fit my specific needs, and then added a little flare by having PowerShell confirm with me that it did its job correctly.  

There are a lot of mundane tasks that come with managing a file or scan server. The kind of tasks that will give you a twitch after a while. But thankfully, because of PowerShell, that twitching nerve is no more, …at least for today. I hope this code helps your twitch go away too.
 
# this script checks to see if the folder has already been created
                      # if it hasn't it will create the folder then sets permissions on it
                      # then verifies if the folder has been created or not
                      # NEED TO CHANGE PATH ($Path = '\\server\folder\folder') !!!
                      # NEED TO CHANGE USER PERMISSION ($permission = 'UserAliasGoesHere') !!!
                      
                      # this is the path for the new folder
                      $Path = '\\server\folder\folder'
                      
                      # test to see if folder already exists
                      if (Test-Path $Path) {
                      Write-Host -ForegroundColor Yellow "
                      -------------------------------------------------------
                      `n
                      The folder has previously been created. No action taken
                      `n
                      -------------------------------------------------------
                      "
                      }
                      else {
                      # create new folder
                      $null = New-Item -Path $Path -ItemType Directory
                      # get permissions
                      $acl = Get-Acl -Path $path
                      
                      # add a new permission (FullControl, Modify, Read)
                      $permission = 'UserAliasGoesHere', 'Modify', 'ContainerInherit, ObjectInherit', 'None', 'Allow'
                      $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permission
                      $acl.SetAccessRule($rule)
                      
                      # set new permissions
                      $acl | Set-Acl -Path $path 
                      # verify the folder has been created
                      if (Test-Path $Path) {
                      Write-Host -ForegroundColor Green "
                      ----------------------------
                      `n
                      The folder has been created.
                      `n
                      ----------------------------
                      "
                      }
                      else {
                      Write-Host -ForegroundColor Red "
                      --------------------------------
                      `n
                      The folder has not been created.
                      `n
                      --------------------------------
                      "
                      }
                      }

Open in new window

 
Modification
If you would like PowerShell to ask you for the folder path and the user alias (SAM-Account-Name) see below.

Where you see the two lines of code:
# this is the path for the new folder.  
$Path = '\\server\folder\folder'
Delete those two lines of code and replace them with the below code.
 
# this is the path for the new folder
                      $Path = Read-Host 'What is the folder path?'
                      
                      # this is the users SAM account (alias) This is who will have modify rights to the folder
                      $alias = Read-Host 'What is the user alias?'

Open in new window


If you do this you will not have to manually change the code every time.
2
36,048 Views
Andrew VoytasSystems Support Analyst IV

Comments (1)

aikimarkGet vaccinated; Social distance; Wear a mask
CERTIFIED EXPERT
Top Expert 2014

Commented:
Some recommendations:
* Package this in a function
* Add a parameter, so the user can pass a path for the file to be created.
* Add a standard documentation block that will show up when someone does a help/get-help
* (optional) Add a parameter that would allow the invoking code to pass ownership credentials for the newly created file.

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.