Solved

Need help creating a Powershell folder script

Posted on 2014-01-24
1
944 Views
Last Modified: 2014-01-30
Thank you in advanced for any help you can give on this issue. I am a complete newb when it comes to powershell and I'm learning it as quickly as I can but I'm in a trial by fire situation.

I need to create a script that does the following:

1) Create a new folder on an existing network share with a series of 11 subfolders to go with it. Straight forward and simple enough but....

2) I Need to assign specific permission to a security group on just about each sub folder. And this is where I get lost

The scenario will play out like this:

1- We would launch a script and a new top level folder on the share would be created called "Folder template" for argument's sake. Upon the folder being created the name will be changed to represent whatever is required.

2- "Folder template" will have 11 subfolders created alongside and inside of it. With static names that will not need to be changed.

2a - inheritance would need to be disabled as not gain the permissions from the share itself

3- There two security groups Write-team and Read-team.

4- the read-team should only be able to open and read every folder.

5- The write team need to be able to

5a - add and edit files in folders 1-5 and 7-10

5b- in folders 6 and 11 they need to be able to write and edit subfolders in files in 6 and 11

5c- they should NOT be able to move, delete, or rename the acutal folder or subfolder itself 6 and 11.

Is this all even possible in one handy dandy convenient script?
0
Comment
Question by:EmpoweredBiz
1 Comment
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 39809053
Anything is possible. This is a starting point, you may need to clarify some of your rules.
$Share = "\\server\sharename"
$FolderName = "Folder Template"

# The static sub-folder list
$SubFolders = @(
  "Folder1",
  "Folder2",
  "Folder3",
  "Folder4",
  "Folder5",
  "Folder6",
  "Folder7",
  "Folder8",
  "Folder9",
  "Folder10",
  "FOlder11"
)

# Create the top level folder
$TopLevelFolder = New-Item "$Share\$FolderName" -Type Directory

# Sort out permissions on the top level folder - May not be necessary
$Acl = Get-Acl $TopLevelFolder.FullName

# This Disables inheritance (enables protection, the first $true). 
# The second $true tells it to copy the existing ACL from the parent folder when doing this. That may need to change.
$Acl.SetAccessRuleProtection($true, $true)

# Explicitly add an entry for the Read-team here. It's the neatest place.
$Acl.Access += New-Object Security.AccessControl.FileSystemAccessRule("Read-Team", "ReadAndExecute", "ObjectInherit, ContainerInherit", "None", "Allow")

# Set the modified ACL
Set-Acl $TopLevelFolder.FullName -AclObject $Acl

# Begin work on the sub-folders
for ($i = 0; $i -lt $SubFolders.Count; $i++) {
  $SubFolder = New-Item "$Share\$FolderName\$($SubFolders[$i])" -Type Directory

  # $i is a zero-based counter, all numbers are shifted down by one.

  $Acl = Get-Acl $SubFolder.FullName

  # Edit files in folders 1 to 5 and 7 to 10.
  if (($i -ge 0 -and $i -le 4) -or ($i -ge 6 -and $i -le 9)) {
    # Grant Write-Team permission to Edit files. Note: ObjectInherit means this only applies to Files.
    $Acl.Access += New-Object Security.AccessControl.FileSystemAccessRule("Write-Team", "Modify", "ObjectInherit", "None", "Allow")
  }

  # Create and modify sub-folders in 6 and 11
  if ($i -eq 5 -or $i -eq 10) {
    # Grant Write-Team permission to create sub-folders
    $Acl.Access += New-Object Security.AccessControl.FileSystemAccessRule("Write-Team", "CreateDirectories", "ContainerInherit", "None", "Allow")
    # Grant Write-Team permission to create files, but not in this folder.
    $Acl.Access += New-Object Security.AccessControl.FileSystemAccessRule("Write-Team", "Modify", "ObjectInherit", "None", "Allow")
  }

  # Apply the modified ACL
  Set-Acl $SubFolder.FullName -AclObject $Acl 
}

Open in new window

HTH

Chris
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will help you understand what HashTables are and how to use them in PowerShell.
A procedure for exporting installed hotfix details of remote computers using powershell
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question