Solved

Powershell script to create folder from csv and applicate ntfs permission

Posted on 2016-07-19
7
97 Views
Last Modified: 2016-08-24
hello,

i need to create a new folder and permission from a csv file.

the csv file contain the name of folder and a group or user to applicate permisison on it.

all folder will be created on a shared folder that i can access with this link:  \\shared\test

the csv file is in this form:
folder,full_control,modify,read_execute,List_folder_content,read,write
folder1,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
folder2,group1;group2;user1,group4;group5,group6,group7;group8,group9,group10
.......

Open in new window

where folder1 and folder2 is a folder to create on \\shared\test

for exemple for folder1 create it and applicate full control right for active directory group named group1 and group 2 and user user1....
for folder 1 applicate ntfs permisison with modify right for group4 and group 5...

i hope i am clear and thanks for help
0
Comment
Question by:cawasaki
  • 4
  • 3
7 Comments
 
LVL 12

Expert Comment

by:Dustin Saunders
ID: 41719448
This code should do the trick.

Edit $path to the root path of your share, and $csvFile to the path of your create CSV.

$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window


This code can be easily edited by adding more columns to your CSV.  Just add a line like this:

 if ($folder.COLUMNNAME) {DoPermissions $folder.COLUMNNAME $fullPath "PERMISSIONLEVEL"}

Open in new window

And change COLUMNNAME to the new CSV column and PERMISSIONLEVEL to one of these.
0
 
LVL 12

Expert Comment

by:Dustin Saunders
ID: 41719449
(i made an edit, please be sure to refresh the page)
0
 

Author Comment

by:cawasaki
ID: 41720295
hello

i will test now

hello,

are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

thank you
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:cawasaki
ID: 41720871
the script work and this is my question:

1-are with this script when i will copie sub folder and files, it will inherit permisison from parent folder?

2-it is possible to change one think: i prefer the script get the path from csv file, because i have many folder and subfolder to create:

folder,full_control,modify,read_execute,List_folder_content,read,write
\\localhost\Share\folder1,group1;group2...........................
\\localhost\Share\folder1\test,group1;group2...........................
\\localhost\Share\folder2,group1;group2...........................
\\localhost\Share\folder2\test,group1;group2...........................

only last folder will be created and permisison applicated on it.

i will create a csv file by folder level.

thanks for help
0
 
LVL 12

Accepted Solution

by:
Dustin Saunders earned 500 total points
ID: 41723121
1. By default it will pass permissions on to subfolders created.
2. I changed the script to use the full path from the csv only.

#$path = "\\localhost\Share\"
$csvFile = "C:\Users\Administrator\Desktop\create.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $folder.folder #$path + $folder.folder
    if (!(Test-Path $fullPath)) {New-Item -ItemType Directory -Path $fullPath}

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "ReadData"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}

Open in new window

0
 

Author Closing Comment

by:cawasaki
ID: 41748598
Sorry i am out of office bow i will accept the solution and if i have a problem i will open a new question
Thanks
0
 

Author Comment

by:cawasaki
ID: 41768632
hello,

i have open new question here:

https://www.experts-exchange.com/questions/28965308/modify-powershell-script-to-not-inherit-ntfs-permission-from-parent.html

i need now that the new folder created from the script do not inherit from parent folder permisison

thanks for help
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article will show, step by step, how to integrate R code into a R Sweave document
How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now