Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Change permissions on only folders with a certain name

Posted on 2013-11-25
3
Medium Priority
?
154 Views
Last Modified: 2015-02-06
Windows 2008 server.

We have a data directory with folders for each of our customers.  Within each customer are several subfolders for correspondence, system documentation, and etc.  We need to change the permissions on the system documentation sub folder for each customer to deny write access to a domain group.

I've been poking around powershell and the icacls command and haven't seen a way to do this across the board in one script.  Anybody have any suggestions or a script that works?

Example folder structure:

d:\clients\customername\system documentation
0
Comment
Question by:firstcall
  • 2
3 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39675795
Try this:

$path = "D:\clients"
$sid = "domain group"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}


It will iterate on your clients folder and test each subfolder to see if it matches "system documentation". If it does, run your command to change permissions.

Change $path and $sid to your actual path and your actual group

HTH,
Dan
0
 
LVL 2

Author Comment

by:firstcall
ID: 39681539
Thanks Dan,

We are almost there.  When I run this it errors:
"Get-ChildItem : A parameter cannot be found that matches parameter name 'directory'.

Here is exactly what I saved in the .ps1 file and executed (note I created a sample data structure under test company to test the script on)

$path = "D:\data\test company\clients"
$sid = "domain users"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}

Open in new window

0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 2000 total points
ID: 39681556
You need powershell 3 for the -directory to be recognized.
Install WMF 3 from here: http://www.microsoft.com/en-us/download/details.aspx?id=34595
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question