Solved

Powershell script to create folder from csv and applicate ntfs permission

Posted on 2016-07-19
7
363 Views
Last Modified: 2016-08-24
hello,

i need to create a new folder and permission from a csv file.

the csv file contain the name of folder and a group or user to applicate permisison on it.

all folder will be created on a shared folder that i can access with this link:  \\shared\test

the csv file is in this form:
folder,full_control,modify,read_execute,List_folder_content,read,write
folder1,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
folder2,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
.......

Open in new window

where folder1 and folder2 is a folder to create on \\shared\test

for exemple for folder1 create it and applicate full control right for active directory group named group1 and group 2 and user user1....
for folder 1 applicate ntfs permisison with modify right for group4 and group 5...

i hope i am clear and thanks for help
0
Comment
Question by:cawasaki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Dustin Saunders
ID: 41719448
This code should do the trick.

Edit $path to the root path of your share, and $csvFile to the path of your create CSV.

$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window


This code can be easily edited by adding more columns to your CSV.  Just add a line like this:

 if ($folder.COLUMNNAME) {DoPermissions $folder.COLUMNNAME $fullPath "PERMISSIONLEVEL"}

Open in new window

And change COLUMNNAME to the new CSV column and PERMISSIONLEVEL to one of these.
0
 
LVL 13

Expert Comment

by:Dustin Saunders
ID: 41719449
(i made an edit, please be sure to refresh the page)
0
 

Author Comment

by:cawasaki
ID: 41720295
hello

i will test now

hello,

are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

thank you
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 

Author Comment

by:cawasaki
ID: 41720871
the script work and this is my question:

1-are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

2-it is possible to change one think: i prefer the script get the path from csv file, because i have many folder and subfolder to create:

folder,full_control,modify,read_execute,List_folder_content,read,write
\\localhost\Share\folder1,group1;group2...........................
\\localhost\Share\folder1\test,group1;group2...........................
\\localhost\Share\folder2,group1;group2...........................
\\localhost\Share\folder2\test,group1;group2...........................

only last folder will be created and permisison applicated on it.

i will create a csv file by folder level.

thanks for help
0
 
LVL 13

Accepted Solution

by:
Dustin Saunders earned 500 total points
ID: 41723121
1. By default it will pass permissions on to subfolders created.
2. I changed the script to use the full path from the csv only.

#$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $folder.folder #$path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window

0
 

Author Closing Comment

by:cawasaki
ID: 41748598
Sorry i am out of office bow i will accept the solution and if i have a problem i will open a new question
Thanks
0
 

Author Comment

by:cawasaki
ID: 41768632
hello,

i have open new question here:

https://www.experts-exchange.com/questions/28965308/modify-powershell-script-to-not-inherit-ntfs-permission-from-parent.html

i need now that the new folder created from the script do not inherit from parent folder permisison

thanks for help
0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question