Change permissions

I am creating AD home folders.  Our users get permsissions to "modify, read & execute, list folder contents, read, write"   Can you help me modify my script so that it gets these same permssions. When I apply the script the user gets full control and it appears as special permissions.  When I change fullcontrol to modify it still comes up as special permissions.  When I apply the modify option in the script and I  explore special permissions the user does not have permission to delete files or sub folders.  What should I do to apply the permissions that users get when I create the account and homefolder using the ADUC from RSAT tools. 

New-Item -type directory -path "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Acl = Get-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule("$($FirstName[0])$($LastName)","FullControl","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])" $Acl

Open in new window

RoccatAsked:
Who is Participating?
 
RoccatAuthor Commented:
This was the solution
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule ("$($FirstName[0])$($LastName)","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.

Advertise Here