Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Powershell script to create folder from csv and applicate ntfs permission

Posted on 2016-07-19
7
Medium Priority
?
679 Views
Last Modified: 2016-08-24
hello,

i need to create a new folder and permission from a csv file.

the csv file contain the name of folder and a group or user to applicate permisison on it.

all folder will be created on a shared folder that i can access with this link:  \\shared\test

the csv file is in this form:
folder,full_control,modify,read_execute,List_folder_content,read,write
folder1,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
folder2,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
.......

Open in new window

where folder1 and folder2 is a folder to create on \\shared\test

for exemple for folder1 create it and applicate full control right for active directory group named group1 and group 2 and user user1....
for folder 1 applicate ntfs permisison with modify right for group4 and group 5...

i hope i am clear and thanks for help
0
Comment
Question by:cawasaki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Dustin Saunders
ID: 41719448
This code should do the trick.

Edit $path to the root path of your share, and $csvFile to the path of your create CSV.

$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window


This code can be easily edited by adding more columns to your CSV.  Just add a line like this:

 if ($folder.COLUMNNAME) {DoPermissions $folder.COLUMNNAME $fullPath "PERMISSIONLEVEL"}

Open in new window

And change COLUMNNAME to the new CSV column and PERMISSIONLEVEL to one of these.
0
 
LVL 13

Expert Comment

by:Dustin Saunders
ID: 41719449
(i made an edit, please be sure to refresh the page)
0
 

Author Comment

by:cawasaki
ID: 41720295
hello

i will test now

hello,

are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

thank you
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:cawasaki
ID: 41720871
the script work and this is my question:

1-are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

2-it is possible to change one think: i prefer the script get the path from csv file, because i have many folder and subfolder to create:

folder,full_control,modify,read_execute,List_folder_content,read,write
\\localhost\Share\folder1,group1;group2...........................
\\localhost\Share\folder1\test,group1;group2...........................
\\localhost\Share\folder2,group1;group2...........................
\\localhost\Share\folder2\test,group1;group2...........................

only last folder will be created and permisison applicated on it.

i will create a csv file by folder level.

thanks for help
0
 
LVL 13

Accepted Solution

by:
Dustin Saunders earned 2000 total points
ID: 41723121
1. By default it will pass permissions on to subfolders created.
2. I changed the script to use the full path from the csv only.

#$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $folder.folder #$path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window

0
 

Author Closing Comment

by:cawasaki
ID: 41748598
Sorry i am out of office bow i will accept the solution and if i have a problem i will open a new question
Thanks
0
 

Author Comment

by:cawasaki
ID: 41768632
hello,

i have open new question here:

https://www.experts-exchange.com/questions/28965308/modify-powershell-script-to-not-inherit-ntfs-permission-from-parent.html

i need now that the new folder created from the script do not inherit from parent folder permisison

thanks for help
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
The viewer will learn how to dynamically set the form action using jQuery.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question