We help IT Professionals succeed at work.
Get Started
Unable to access mapped folder directory that was created with PowerShell script
Hello, I recently got help from EE creating a script that will configure NTFS permissions on a directory.
Here is the link to that previous topic, https://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_28687233.html.
Scenario
My script creates a new directory on the network share and then assigns NTFS Modify permissions for the end user.
Problem
The problem is that after the folder is created and NTFS Modify permissions assigned, the user is unable to access the mapped directory. When trying to access the mapped directory, the following message is seen:
![Unable to access user directory mapped to letter 'I']()
Work Around
After the script creates the directory and assigns NTFS Modify permissions to the end user it won't open. However, if I then go into the directory properties and 'toggle' the Modify check box (uncheck then check it back again) and hit Apply. Viola! The end user can now access the mapped directory.
Help
I need help figuring out how to get my script to work the first time with creating the directory and permissions to Modify for an end user and it not requiring me to go toggle the permissions. Why doesn't the directory recognize the location until I toggle the permissions?
Here is the link to that previous topic, https://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_28687233.html.
Scenario
My script creates a new directory on the network share and then assigns NTFS Modify permissions for the end user.
Problem
The problem is that after the folder is created and NTFS Modify permissions assigned, the user is unable to access the mapped directory. When trying to access the mapped directory, the following message is seen:
Work Around
After the script creates the directory and assigns NTFS Modify permissions to the end user it won't open. However, if I then go into the directory properties and 'toggle' the Modify check box (uncheck then check it back again) and hit Apply. Viola! The end user can now access the mapped directory.
Help
I need help figuring out how to get my script to work the first time with creating the directory and permissions to Modify for an end user and it not requiring me to go toggle the permissions. Why doesn't the directory recognize the location until I toggle the permissions?
function Set-Permission {
<#
.Synopsis
Manage NTFS permissions on a directory and it's child items.
.DESCRIPTION
Long description
.EXAMPLE
Set-Permission -dirPath '\\my-server\user-share\joe.user' -samAccountName joe.user -accessLevel Modify -Verbose
This will apply Modify permissions for samAccountName joe.user to a network share directory called 'joe.user' and it's child items
.EXAMPLE
Another example of how to use this cmdlet
.INPUTS
Inputs to this cmdlet (if any)
.OUTPUTS
Output from this cmdlet (if any)
.NOTES
General notes
.COMPONENT
The component this cmdlet belongs to
.ROLE
The role this cmdlet belongs to
.FUNCTIONALITY
The functionality that best describes this cmdlet
#>
[CmdletBinding()]
[OutputType([String])]
Param (
# Param1 help description
[Parameter(Mandatory=$true,Position=0)]
[Alias("Path")]
[string]
$dirPath,
# Param2 help description
[Parameter(Mandatory=$true,Position=1)]
[string]
$samAccountName,
# Param3 help description
[Parameter(Mandatory=$true, Position=2)]
[ValidateSet("Modify")]
[string]
$accessLevel,
# Param4 help description
[Parameter(Mandatory=$false)]
[string]
$domain = 'My_Domain'
)
Begin {
$domainAccount = $domain + "\" + $samAccountName
$inheritanceFlags = "ContainerInherit, ObjectInherit"
$propagationFlags = "None"
$accessControlType = "Allow"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
$domainAccount,$accessLevel,$inheritanceFlags,$propagationFlags,$accessControlType)
Write-Verbose 'Print New Access Rule object'
$AccessRule
# Saving parent folder directory into variable
$Parent = gi $dirPath | where {$_.psIsContainer -eq $true}
$pFN = $Parent.FullName
Write-Verbose 'Access Control List of parent folder before applying new rules'
$pFN
$oldacl = Get-Acl $Parent
$oldacl |select accesstostring |fl
} # \Begin
Process {
Write-Verbose "Applying $samAccountName $accessLevel permissions to parent $pFN"
Add-Access -Path $Parent -Account $domainaccount -AccessRights $accesslevel
Get-ChildItem -path $dirPath -Recurse |
ForEach-Object {
$fnDir = $_.FullName
Write-Verbose "Applying $samAccountName $accessLevel permissions to child $fnDir"
}# \ForEach
Get-ChildItem -path $dirPath -Recurse | Get-NTFSAccessInheritance |
Where-Object { -not $_.InheritanceEnabled } | Enable-NTFSAccessInheritance -PassThru
} # \Process
End {
Write-Verbose 'New permissions have been set'
get-childitem -Path $dirPath -Recurse | get-acl | out-gridview
}# \End
}
Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE