Solved

Change permissions on only folders with a certain name

Posted on 2013-11-25
3
105 Views
Last Modified: 2015-02-06
Windows 2008 server.

We have a data directory with folders for each of our customers.  Within each customer are several subfolders for correspondence, system documentation, and etc.  We need to change the permissions on the system documentation sub folder for each customer to deny write access to a domain group.

I've been poking around powershell and the icacls command and haven't seen a way to do this across the board in one script.  Anybody have any suggestions or a script that works?

Example folder structure:

d:\clients\customername\system documentation
0
Comment
Question by:firstcall
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39675795
Try this:

$path = "D:\clients"
$sid = "domain group"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}


It will iterate on your clients folder and test each subfolder to see if it matches "system documentation". If it does, run your command to change permissions.

Change $path and $sid to your actual path and your actual group

HTH,
Dan
0
 
LVL 2

Author Comment

by:firstcall
ID: 39681539
Thanks Dan,

We are almost there.  When I run this it errors:
"Get-ChildItem : A parameter cannot be found that matches parameter name 'directory'.

Here is exactly what I saved in the .ps1 file and executed (note I created a sample data structure under test company to test the script on)

$path = "D:\data\test company\clients"
$sid = "domain users"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}

Open in new window

0
 
LVL 34

Accepted Solution

by:
Dan Craciun earned 500 total points
ID: 39681556
You need powershell 3 for the -directory to be recognized.
Install WMF 3 from here: http://www.microsoft.com/en-us/download/details.aspx?id=34595
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now