troubleshooting Question

modify powershell script i use to create folder and apply acl for user or group

Avatar of cawasaki
cawasaki asked on
Scripting LanguagesPowershellWindows Server 2008
9 Comments2 Solutions326 ViewsLast Modified:
hello,

i have this script to create folder and appky security acl for some active directory group.

i need to modify th script to apply this right for group or user listed on List_folder_content like this csv file:

folder,full_control,modify,read_execute,List_folder_content,read,write
\\server\folder1\folder2,DEF_Controle_Total;DEF_Service_Desk,DEF_Modification,,Domain Users,DEF_Lecture,
so for domain users, script must applicate this right:

acl
need to be applied to this folder only like picture.

this is my script and thanks for help

$csvFile = "D:\file.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $folder.folder #$path + $folder.folder
    if (!(Test-Path $fullPath)) {
    New-Item -ItemType Directory -Path $fullPath
    $fAcl = Get-Acl -Path $fullPath
    $fAcl.SetAccessRuleProtection($true, $true)
    Set-Acl -Path $fullPath -AclObject $fAcl
    }

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "Read"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}
ASKER CERTIFIED SOLUTION
Qlemo
"Batchelor", Developer and EE Topic Advisor
Join our community to see this answer!
Unlock 2 Answers and 9 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros