Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Change permissions

Posted on 2016-08-04
1
Medium Priority
?
35 Views
Last Modified: 2016-08-04
I am creating AD home folders.  Our users get permsissions to "modify, read & execute, list folder contents, read, write"   Can you help me modify my script so that it gets these same permssions. When I apply the script the user gets full control and it appears as special permissions.  When I change fullcontrol to modify it still comes up as special permissions.  When I apply the modify option in the script and I  explore special permissions the user does not have permission to delete files or sub folders.  What should I do to apply the permissions that users get when I create the account and homefolder using the ADUC from RSAT tools.

New-Item -type directory -path "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Acl = Get-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])"
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule("$($FirstName[0])$($LastName)","FullControl","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl "\\127.0.0.1\Share\$($ADUser['SamAccountName'])" $Acl

Open in new window

0
Comment
Question by:Roccat
1 Comment
 

Accepted Solution

by:
Roccat earned 0 total points
ID: 41743442
This was the solution
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule ("$($FirstName[0])$($LastName)","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Loops Section Overview

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question