Solved

Powershell script to copy ACL Permission from source folder structure to target folder structure

Posted on 2013-12-12
15
10,128 Views
Last Modified: 2014-01-14
Please provide a sample Powershell script to copy NTFS ACL Permissions from a master source folder with its subfolder structure to a target folder which has an identical subfolder structure

Source structure will have different permissions at different subfolder levels and some special permissions set on certain specific default files located in the structure

$SourceFoolder = "S:\Master Project"
$TargetFolder = "S:\3000\3010 Project"
0
Comment
Question by:ARampton
  • 7
  • 7
15 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 39714309
You can find the sample codes from following question. Check and let us know if you have any additional questions..
http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_28305158.html

Other option which you can try is the Copy-Acl function. Please see the following article for more details..
http://blogs.msdn.com/b/powershell/archive/2009/05/11/copy-acl.aspx
0
 

Author Comment

by:ARampton
ID: 39714762
First suggestion does not work recursively through a source structure

Second link is useful but I ma not yet skilled enough to modify this recursive script to achieve what I want
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39714783
Recursively means, you need set the permission at top level and enable the inheritance right?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:ARampton
ID: 39714883
I mean each and every source subfolder permission is mirrored to its matching target subfolder

The same with any files in the source structure
0
 
LVL 40

Assisted Solution

by:Subsun
Subsun earned 500 total points
ID: 39716701
Okie.. I didn't test the code.. Check it and let me know if it works for you..
$SourceFoolder = "S:\Master Project"
$TargetFolder = "S:\3000\3010 Project"

$TFolders = GCI $TargetFolder -Recurse | Select -ExpandProperty Fullname

GCI $SourceFoolder -Recurse | % {
	$SPath = $_.FullName
	$TPath = $_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"
	If ($TFolders -ccontains $TPath){
		Try{
		Set-Acl -Path $TPath -AclObject (Get-Acl $SPath) -EA Stop
		Echo "Copied permission from $SPath to $TPath"
		}Catch{
		Echo "Error on copying permission from $SPath to $TPath : $($_.Exception.Message)"
		}
	} Else{
	Echo "Unable to find destination for $SPath"
	}
}

Open in new window

0
 
LVL 5

Expert Comment

by:Recept
ID: 39728087
Does this solution have to be in Powershell? Robocopy will work just fine and is pre-installed on Windows Vista/2008+

robocopy.exe "S:\Master Project" "S:\3000\3010 Project" /E /COPYALL

Open in new window


Or run from within Powershell

$SourceFoolder = "S:\Master Project"
$TargetFolder = "S:\3000\3010 Project" 
&robocopy.exe $SourceFoolder $TargetFolder /E /COPYALL

Open in new window

0
 

Accepted Solution

by:
ARampton earned 0 total points
ID: 39731870
I have totally failed to get robocopy to copy just permissions to target folders with /e /secfix /copy:s /is - /copyall will copy files and folders which I don't want

Thanks for the Powershell script - the one I have now used seems a little simpler and I understand its components

This copies ACL Permissions from Source to Target item by item (included folders and files)

$SFolder = "S:\SourceFolder"
$TFolder = "S:\3060\3078 Test Project 8"     'Targert Folder

$SFolderList = get-childitem -name $SFolder -recurse
foreach ($Folder in $SFolderList) {
          $SFullPath = $SFolder + "\" + "$Folder"
          $TFullPath = $TFolder + "\" + "$Folder"
      $NewACL = Get-ACL "$SFullPath"
Set-ACL "$TFullPath" $NewACL
echo "ACL copied to $TFolder $Folder"
}
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39731997
Looking at your script, I expect some functional problems to get expected result. But if it is working for you then good!
0
 

Author Comment

by:ARampton
ID: 39732024
I agree my script has no error checking yet, I will learn from your sample code

Please can you explain the function/operation of your line

      $TPath = $_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"
0
 
LVL 40

Assisted Solution

by:Subsun
Subsun earned 500 total points
ID: 39732567
With following source and destination folders..

$SFolder = "S:\SourceFolder"
$TFolder = "S:\3060\3078 Test Project 8"

$_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"
The line actually take the FullName of the source  file or folder and convert it in to destination folder name..

S:\SourceFolder\folder1\test.txt will be converted to
S:\3060\3078 Test Project 8\folder1\test.txt

S:\SourceFolder\folder1\Folder2\testfolder to
S:\3060\3078 Test Project 8\folder1\Folder2\testfolder

Regarding your script, I was not talking about error control..

With our example, S:\SourceFolder\folder1\Folder2\testfolder as source folder..

In your code "$Folder" will have value 'testfolder' (Name of the folder processed by foreach), so with following code

$SFullPath = $SFolder + "\" + "$Folder"
$TFullPath = $TFolder + "\" + "$Folder"

$SFullPath will be S:\SourceFolder\testfolder  &

$TFullPath will be C:\dest\testfolder

Ideally the source is S:\SourceFolder\folder1\Folder2\testfolder and destination would be S:\3060\3078 Test Project 8\folder1\Folder2\testfolder (Since you said you have the exact same folder structure)

But it may work if you don't have more than one level deep folder structure as i mentioned in my example.. Hope it's clear..
0
 

Author Comment

by:ARampton
ID: 39751188
Thanks for your guidance

I  think your use of the line below is very powerful so I would appreciate more information on how it actually works so I can construct similar transpositions myself

$_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39751241
I have used -replace operator to construct the target path…

$SourceFoolder = "S:\Master Project"
$TargetFolder = "S:\3000\3010 Project"


$TPath = $_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"

Open in new window

So in above example, if we replace the variables with their values (just to show you how it works) then you will get the following command..
"S:\Master Project\folder1\test.txt" -replace "S:\\Master Project","S:\3000\3010 Project"

Open in new window

Hence the source file full name will be converted to
S:\3000\3010 Project\folder1\test.txt

You can refer the following article to know more about replacing strings in PowerShell..
http://blogs.technet.com/b/heyscriptingguy/archive/2011/03/21/use-powershell-to-replace-text-in-strings.aspx
0
 

Author Comment

by:ARampton
ID: 39767934
Subsun, I understand the -replace function now but don't yet comprehend its second use ($SourceFoolder.replace("\","\\")) in the line below

$TPath = $_.FullName -replace "$($SourceFoolder.replace("\","\\"))","$TargetFolder"

I think it is trying to change "\" to "\\" but don't understand why or the .replace format

Some further guidance would be very helpful
0
 
LVL 40

Assisted Solution

by:Subsun
Subsun earned 500 total points
ID: 39768037
-Replace uses regex pattern replacement that's why first I had to convert the Source Folder name single slashes to double slashes using $SourceFoolder.replace("\","\\"). \\ is interpreted as a regex that matches a single backslash (escaped backslash).
BTB, In our scenario, I think the following code also give the same result..
$TPath = $_.FullName.replace($SourceFoolder,"$TargetFolder")

Open in new window

Let me know if you have any further questions..
0
 

Author Closing Comment

by:ARampton
ID: 39778767
Own solution seemed more understandable to me but much appreciate more advanced choice
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Best Group or Permissions for Domain User to run Scheduled Task 44 62
Copy Function with attributes 1 27
Exchange 2013 Admin Center Issue 3 22
BATCH to EXE Converter 2 40
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
"Migrate" an SMTP relay receive connector to a new server using info from an old server.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question