• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 39
  • Last Modified:

Change permissions

I am creating AD home folders.  Our users get permsissions to "modify, read & execute, list folder contents, read, write"   Can you help me modify my script so that it gets these same permssions. When I apply the script the user gets full control and it appears as special permissions.  When I change fullcontrol to modify it still comes up as special permissions.  When I apply the modify option in the script and I  explore special permissions the user does not have permission to delete files or sub folders.  What should I do to apply the permissions that users get when I create the account and homefolder using the ADUC from RSAT tools.

New-Item -type directory -path "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Acl = Get-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule("$($FirstName[0])$($LastName)","FullControl","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])" $Acl

Open in new window

0
Roccat
Asked:
Roccat
1 Solution
 
RoccatAuthor Commented:
This was the solution
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule ("$($FirstName[0])$($LastName)","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now