Zman771
asked on
Set windows folder permission/security via script
I'm running windows home server and want to set up custom folder security/permissions (give a user read access to a folder). I can do this via the normal windows security dialogue, but unfortunately WHS seems to overwrite my custom permissions after a certain amount of time.
is there a way to set this permission via a script or command line so that I can run it as a scheduled task?
is there a way to set this permission via a script or command line so that I can run it as a scheduled task?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was able to use PowerShell to modify the permissions but I can't seem to figure out how to save the script so I can schedule it via windows Scheduled Tasks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
worked like a charm, except for one small issue. the post says to run the following command:
powershell -command "& 'MyScript.ps1' "
but if the file is in the same directory you have to run
powershell -command "& '.\MyScript.ps1' "
other than that this is perfect. thanks!
powershell -command "& 'MyScript.ps1' "
but if the file is in the same directory you have to run
powershell -command "& '.\MyScript.ps1' "
other than that this is perfect. thanks!
You're Welcome. Glad this workeD for you.
ASKER
i came across one issue. when i run the script, the user's permissions come as "Special Permissions" instead of "Full Control" or "Read & Execute". i've tried several different $permission settings but it doesn't seem to work. any suggestions?
$acl = Get-Acl d:\shares\Videos
$permission = "USERNAME","FullControl","Allow"
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
$acl.SetAccessRule($accessRule)
$acl | Set-Acl d:\shares\Videos
ASKER
I fixed it. turns out the permissions were only being applied to the folder and not the subfolders and files.
$directory = "d:\shares\Videos"
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"
$acl = Get-Acl $directory
$accessrule = New-Object system.security.AccessControl.FileSystemAccessRule("USERNAME", "Read", $inherit, $propagation, "Allow")
$acl.AddAccessRule($accessrule)
set-acl -aclobject $acl $directory
xcacls should be able to do this.....
How to use Xcacls.exe to modify NTFS permissions
http://support.microsoft.c
Please advise if you need help with the syntax of the script/command....