staino1983
asked on
powershell: set-acl to UNC path removes existing permissions
Hi
When I try and set "ReadPermissions" for a security group to a UNC path - eg \\computer\test, the group is added with the required permissions. However the existing permissions are all removed.
If I run the script against the local drive, eg c:\test, the permissions are not deleted.
How do I keep the existing permissions when applying the script to a UNC path?
Please note that I have to use UNC path and can not do local drive or use C$
Regards
When I try and set "ReadPermissions" for a security group to a UNC path - eg \\computer\test, the group is added with the required permissions. However the existing permissions are all removed.
If I run the script against the local drive, eg c:\test, the permissions are not deleted.
How do I keep the existing permissions when applying the script to a UNC path?
Please note that I have to use UNC path and can not do local drive or use C$
Regards
$folder = "\\computer\test"
$ADgroup = "AD_GROUP"
$ACL = get-acl $folder
$accessLevel = "ReadPermissions"
$inheritanceFlags = "None"
$propagationFlags = "none"
$accessControlType = "Allow"
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($ADgroup,$accessLevel,$inheritanceFlags,$propagationFlags,$accessControlType)
$Acl.AddAccessRule($accessRule)
Set-Acl $folder $Acl
All examples I've seen talk about using $acl.SetAccessRule, not .AddAccessRule, to add ACLs. Try that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
resolved myself
$ACL = $ACL.Access + $accessRule