create multiple folders with security group permission powershell-  similar script mentioned below . Want to know that where to mention destination path to create folders

SAM IT
SAM IT used Ask the Experts™
on
Requirement is script has to create multiple folders in shared path and has to set the security group permission for created folders using powershell. Want to know that where to mention destination path to create folders in the below script and where to mention .csv to import the folder names .

please assist

--------------------------------------------------

$csvFile = "D:\file.csv"

$create = Import-CSV $csvFile

function DoPermissions
{
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd)
    {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
}

foreach ($folder in $create)
{
    $fullPath = $folder.folder #$path + $folder.folder
    if (!(Test-Path $fullPath)) {
    New-Item -ItemType Directory -Path $fullPath
    $fAcl = Get-Acl -Path $fullPath
    $fAcl.SetAccessRuleProtection($true, $true)
    Set-Acl -Path $fullPath -AclObject $fAcl
    }

    if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
    if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
    if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
    if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
    if ($folder.read) {DoPermissions $folder.read $fullPath "Read"}
    if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}

}
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
This is how I would do it but I'm OCD:

begin {
  $date = Get-Date -Format 'yyyyMMddhhmm'
  Start-Transcript -Path "$env:USERPROFILE\Desktop\DoPermisssionsTranscript_$date" -Force
  function Do-Permissions {
    param( $permissionGroup, $folder, $level)
    $toAdd = $permissionGroup -split ";"
    Write-Host $folder
    foreach ($item in $toAdd) {
        $acl = (Get-Item $folder).GetAccessControl('Access')
        $ar = New-Object System.Security.AccessControl.FileSystemAccessRule($item, $level, 'ContainerInherit,ObjectInherit','None','Allow')
        $acl.SetAccessRule($ar)
        Set-ACL -path $folder -AclObject $acl
    }
  }
  
  function Create-MySharedFolders {
    foreach ($folder in (Import-Csv d:\file.csv)) {
      $fullPath = $folder.folder #$path + $folder.folder
      if (!(Test-Path $fullPath)) {
        New-Item -ItemType Directory -Path $fullPath
        $fAcl = Get-Acl -Path $fullPath
        $fAcl.SetAccessRuleProtection($true, $true)
        Set-Acl -Path $fullPath -AclObject $fAcl
      }

      if ($folder.full_control) {DoPermissions $folder.full_control $fullPath "FullControl"}
      if ($folder.modify) {DoPermissions $folder.modify $fullPath "Modify"}
      if ($folder.read_execute) {DoPermissions $folder.read_execute $fullPath "ExecuteFile"}
      if ($folder.list_folder_content) {DoPermissions $folder.list_folder_content $fullPath "ListDirectory"}
      if ($folder.read) {DoPermissions $folder.read $fullPath "Read"}
      if ($folder.write) {DoPermissions $folder.write $fullPath "Write"}      
    }
  }
}

process {
  Do-Permissions
  Create-MySharedFolders
}

end {
  Stop-Transcript
}

Open in new window

PowerShell Developer
Top Expert 2010
Commented:
Watch the function names Jason, DoPermissions / Do-Permissions.

OCD... you've no idea :-D

CSV with headers: Path,Group,AccessRights,DisableInheritance

PowerShell 5 only (using and some of the enum behaviour).
using namespace System.Security.AccessControl
using namespace System.Security.Principal

function New-SharedFolder {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
        [String]$Path,

        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
        [String]$Group,

        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]
        [FileSystemRights]$AccessRights,

        [Boolean]$DisableInheritance = $false
    )

    begin {
        $ErrorActionPreference = 'Stop'
    }

    process {
        if (-not (Test-Path $Path)) {
            try {
                $null = New-Item $Path -ItemType Directory -Force
                Add-AccessRule $Path -Principal $Group -AccessRights $AccessRights -DisableInheritance $DisableInheritance
            } catch {
                Write-Error -ErrorRecord $_
            }
        }
    }
}

function Add-AccessRule {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [String]$Path,

        [Parameter(Mandatory = $true)]
        [NTAccount]$Principal,

        [Parameter(Mandatory = $true)]
        [FileSystemRights]$AccessRights,

        [Boolean]$DisableInheritance = $false
    )

    try {
        $ErrorActionPreference = 'Stop'

        if ($AccessRights -in 'ReadAndExecute', 'Modify') {
            $AccessRights = $AccessRights -bor 'Synchronize'
        }

        $acl = Get-Acl $Path

        if ($DisableInheritance -and -not $acl.AreAccessRulesProtected) {
            $acl.SetAccessRuleProtection($true, $true)
        }

        $accessRule = New-Object FileSystemAccessRule($Principal, $AccessRights, 'ObjectInherit,ContainerInherit', 'None', 'Allow')
        $acl.AddAccessRule($accessRule)

        Set-Acl $Path -AclObject $acl
    } catch {
        throw
    }
}

Import-Csv file.csv | New-SharedFolder

Open in new window

Commented:
Wait the only place I deviated from the verb-noun format was in the transcript path...right?  I yield to you everytime I've seen your blog, but I'm sticking with what I got this time.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Chris DentPowerShell Developer
Top Expert 2010

Commented:
You updated the command name DoPermissions -> Do-Permissions. Which would have been fine, but you've left calls to the function using the old name in the if statement block. 'tis easy enough to fix, but a gotcha.

Commented:
Crap
Distinguished Expert 2017

Commented:
$create gets the contents of the csv file

folder is included in the csv file.

The place where you obtained this script has to include a sample of the .csv file.

Folder,full_control,modify,read_execute,list_folder,read,write
C:\somefolder,0,0,1,1,1,0
C:\another,1,0,0,0,0,0


At least I think I read the things...
SAM ITAD windows Admin  

Author

Commented:
@jason:

instead of $ent: USERPROFILE  can I mentioned the path in this format I.e '\\servername\projectfolders\newprojects'
____________________________________________________

Start-Transcript -Path "$env:USERPROFILE\Desktop\DoPermisssionsTranscript_$date" -Force

Commented:
Yes absolutely a UNC path works just fine.  I just like using environment variables to avoid non-existent paths.
SAM ITAD windows Admin  

Author

Commented:
I need to add a security group i.e. "shr-projects_new"  for each folder created using this script. can i know where i need to add the security group with modify permissions
SAM ITAD windows Admin  

Author

Commented:
I need to add a security group i.e. "shr-projects_new"  for each folder created using this script. can i know where i need to add the security group with modify permissions
PberSolutions Architect

Commented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Split:
-- Chris Dent (https:#a42066865)
-- Jason Crawford (https:#a42066736)


If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Pber
Experts-Exchange Cleanup Volunteer

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial