Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Change permissions on only folders with a certain name

Posted on 2013-11-25
3
Medium Priority
?
146 Views
Last Modified: 2015-02-06
Windows 2008 server.

We have a data directory with folders for each of our customers.  Within each customer are several subfolders for correspondence, system documentation, and etc.  We need to change the permissions on the system documentation sub folder for each customer to deny write access to a domain group.

I've been poking around powershell and the icacls command and haven't seen a way to do this across the board in one script.  Anybody have any suggestions or a script that works?

Example folder structure:

d:\clients\customername\system documentation
0
Comment
Question by:firstcall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39675795
Try this:

$path = "D:\clients"
$sid = "domain group"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}


It will iterate on your clients folder and test each subfolder to see if it matches "system documentation". If it does, run your command to change permissions.

Change $path and $sid to your actual path and your actual group

HTH,
Dan
0
 
LVL 2

Author Comment

by:firstcall
ID: 39681539
Thanks Dan,

We are almost there.  When I run this it errors:
"Get-ChildItem : A parameter cannot be found that matches parameter name 'directory'.

Here is exactly what I saved in the .ps1 file and executed (note I created a sample data structure under test company to test the script on)

$path = "D:\data\test company\clients"
$sid = "domain users"

$dirInfo = Get-ChildItem -path $path -Recurse:1 -directory
foreach ($i in $dirInfo.fullname) {
      $regex = $i -match "system documentation"
      if ($regex) { icacls $i /deny $sid:w /t }
}

Open in new window

0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 2000 total points
ID: 39681556
You need powershell 3 for the -directory to be recognized.
Install WMF 3 from here: http://www.microsoft.com/en-us/download/details.aspx?id=34595
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know what services you can and cannot, should and should not combine on your server.
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question