Change permissions

Roccat
Roccat used Ask the Experts™
on
I am creating AD home folders.  Our users get permsissions to "modify, read & execute, list folder contents, read, write"   Can you help me modify my script so that it gets these same permssions. When I apply the script the user gets full control and it appears as special permissions.  When I change fullcontrol to modify it still comes up as special permissions.  When I apply the modify option in the script and I  explore special permissions the user does not have permission to delete files or sub folders.  What should I do to apply the permissions that users get when I create the account and homefolder using the ADUC from RSAT tools.

New-Item -type directory -path "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Acl = Get-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule("$($FirstName[0])$($LastName)","FullControl","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])" $Acl

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
This was the solution
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule ("$($FirstName[0])$($LastName)","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial