Link to home
Start Free TrialLog in
Avatar of bryan oakley-wiggins
bryan oakley-wigginsFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Give AD user Full Control over a file - Powershell and .CSV

Hi

*** Environment***
Windows 2003 AD

Hi

I am looking for a way, in powershell to have some columns in .csv and then run permissioning on files to give full control:
I.e
ColumnA   |  ColumnB   | Action
File1          |  User1       |  Give full control to user on file in ColumnA
File2          |  User2       |  Give full control to user on file in ColumnA
File3          |  User3       |  Give full control to user on file in ColumnA
File4          |  User4       |  Give full control to user on file in ColumnA
File5          |  User5       |  Give full control to user on file in ColumnA

All files will be in one (1) directory only.
I hope this makes sense?

I had a similar request earlier, resolve by Chris-Dent (massive thaks Chris..!) whereby I would have a column with security groups and a column with users and then the users would be added to the groups when I run the script...

************************************************************************************************************
ForEach ($Entry in (Import-CSV "c:\scripts\test_data\imp2.csv")) {
  ($Entry.ColumnB).Split(";") | %{ Add-QADGroupMember $Entry.ColumnA -Member $_ }
}
***********************************************************************************************************
I would like to get something that is similar or as straight forward...
I hope my request makes sense...

In summary, I am just trying to give full control to a .pst file for a user in AD without moving the .pst to any home folder etc and on a multiple scale > 600 pst's and 600 users (1-2-1)

Cheers
Bry
ASKER CERTIFIED SOLUTION
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of bryan oakley-wiggins
bryan oakley-wiggins
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hey - Hi Chris

Chuffed you picked this one up as well..! Thanks buddy.
Ok - I checked import-csv and all looks good that end and the script works like a dream..!

wow, you truly are extremely switched on...

Would it be easy to output all the actions to a logfile, so that I can effectively get a status report on the files permissioned?

No worries if not, this has answered my question and I will accept of course.
thanks again Chris, I genuinely really appreciate the help you have given..!

Cheers
Bry


Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Did you need it to catch errors? At the moment it'll throw a big red message to the PowerShell prompt if it has a problem.

Otherwise success can be assumed :) It's still possible to log things, just depends on what you'd like to see in a log file.

Chris
Avatar of bryan oakley-wiggins
bryan oakley-wiggins
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hi Chris

I was just maybe looking to out-file (or something) the files actioned.. Not errors, per se...
It's great as it is though, I am happy with assuming success if I do not see any red errors in the prompt :-)

Thanks again Chris, you are awesome..! I am really going to knuckle down and get a great grip on learning powershell - Do you have any tips on fgood books/articles to begin learning powershell?

I will accept the answer shortly..
also, you've really helpded me out on these couple of scripts and points almost seem to little a way to say thanks..!

maybe if you support a charity or something, I could make a small donation or something? if not, just please accept my sincerest thanks for your help..!

Cheers
Bry
Avatar of bryan oakley-wiggins
bryan oakley-wiggins
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

bang-on..!

Thanks so much Chris-Dent.

Cheers
Bry
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Sorry for the delay getting back to you, I was on holiday for a few days.

Anyway... first things first, making the script say what it's up to. I've added a couple of lines with options there. Since we're not controlling errors I don't see there's a lot to gain by writing a running status, if we were watching for errors then I would have that, makes it quite complex though.

> Do you have any tips on fgood books/articles to begin learning powershell?

I'm rubbish at answering questions like that. I tend to explore / play / prod rather than reading to get to grips with it all. Anything I read tends to focus on the minutia rather than the fundamentals of the language. Besides, I had a head start, I'd been doing fairly serious scripting with VbScript for a number of years prior to learning PowerShell.

Fortunately... Brandon has far better pointers for anyone starting out (lots of links and a few book recommendations) in his profile here:

https://www.experts-exchange.com/M_4238767.html

Much more useful :)

Chris
$DomainName = "YourDomain"
$BasePath = "C:\SomeFolder\"
Import-CSV "List.csv" | %{
  # Just echoing a line
  Write-Host "$($_.ColumnA): Adding FullControl for $($_.ColumnB)"
  # Appending to a Text File
  "$($_.ColumnA): Adding FullControl for $($_.ColumnB)" >> "LogFile.log"
 
  $ACL = Get-ACL "$BasePath\$($_.ColumnA)"
 
  $AccessRule = New-Object `
    System.Security.AccessControl.FileSystemAccessRule(`
      "$DomainName\$($_.ColumnB)", `
      "FullControl", `
      "Allow")
 
  $ACL.AddAccessRule($AccessRule)
 
  Set-ACL "$BasePath\$($_.ColumnA)" -AclObject $ACL
}

Open in new window