tilbard
asked on
Script to change the permissions/owner of folders on a file server
Due to a long standing practice of laziness when creating user accounts, my company is now left with over 2000 home directories with varying permission levels for various accounts. I've changed the policy on making users, but now I have to clean up the home directory permissions. Being that I've recently started learning (finally) Powershell, I figured I'd use that.
We have all of our home directories in one location, and all are named after the users username, as such:
d:\Home\JSmith
d:\Home\JDoe
I figure the easiest way to uniformly change them is to set the permissions of d:\home to the common permissions (Domain Admins: Full, BackupAccount:read, HelpdeskStaff:Change Permissions), then set the permissions on the users individual folders to allow them Change control. Seeing as the directory name always matches the username, I thought it would be fairly easy to use Powershell to grab all the directories, store them in an array, then pass the directory name to ICACLS.exe (I'd use the built in set-acl, but we also want to set the Owner, inheritance, etc... as well). The problem I'm having however, is getting the directory path into a format that works as the username.
I suspect the problem is the .SubString(3) will only work on strings, and I'm trying to use it on an object, but I can't find anything that'll convert the object into a string, or any similair functionality that'll work on an object.
Attached is the part of the script that's giving me fits. Any help appreciated!
We have all of our home directories in one location, and all are named after the users username, as such:
d:\Home\JSmith
d:\Home\JDoe
I figure the easiest way to uniformly change them is to set the permissions of d:\home to the common permissions (Domain Admins: Full, BackupAccount:read, HelpdeskStaff:Change Permissions), then set the permissions on the users individual folders to allow them Change control. Seeing as the directory name always matches the username, I thought it would be fairly easy to use Powershell to grab all the directories, store them in an array, then pass the directory name to ICACLS.exe (I'd use the built in set-acl, but we also want to set the Owner, inheritance, etc... as well). The problem I'm having however, is getting the directory path into a format that works as the username.
I suspect the problem is the .SubString(3) will only work on strings, and I'm trying to use it on an object, but I can't find anything that'll convert the object into a string, or any similair functionality that'll work on an object.
Attached is the part of the script that's giving me fits. Any help appreciated!
$Foldername = Get-ChildItem * | Where-Object {$_.attributes -match "Directory"}
foreach ($Fullpath in $Foldername) {
$username = $Fullpath.SubString(3)
Write-Host $username
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER