PowerShell Script to change folder permissions?

Does anyone know how to tweak this script so that after it creates each new user folder, it removes the permissions each folder inherited, and only adds the ones you have specified.

https://gallery.technet.microsoft.com/scriptcenter/How-to-create-home-folder-d968f1d4
victor2008Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yo_beeDirector of Information TechnologyCommented:
From what I can see from this script is that the Home Folder is created with no inherited rights at all.
It creates a default of "NT AUTHORITY\SYSTEM","BUILTIN\Administrators" + the User full control.  If you want to add additional users and groups you add it to the arguments.

I am not sure what you want to remove.
victor2008Author Commented:
Thank you. The folder where the user folders are created has some permissions that get propagated down to the new folders. I want to remove those groups, then add new groups. The adding new groups works, but don't know how to remove what's there first. I can remove inheritance with $HomeFolderACL.SetAccessRuleProtection($true,$true) but want to remove some groups that get inherited.
yo_beeDirector of Information TechnologyCommented:
First off this script is creating the directory for HomeFolder location
Just to be 100% clear you are looking to reassign ACL to the home folder structure, not create folders?
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

victor2008Author Commented:
The script creates a home folder for each user in the list (which it does). I want the script to create each folder like it does and give the user full control like it does, but first remove the permissions for each user folder that gets inherited from it's parent.
yo_beeDirector of Information TechnologyCommented:
This script does create a folder with no inherited security and then sets the security based on the script .  I am not sure what you want to tweak.
By design that is exactly how this script works.
victor2008Author Commented:
In my experience, when it creates the new user folder, the parent security group is inherited to the new user folder.
yo_beeDirector of Information TechnologyCommented:
I have dissected this a bit further.
What the script is doing is gathering the parent folder ACL and storing it.
The folder of the user is created without any inheritance and then the ACL is set by using what was gathered from the parent folder and appending the User to the ACL list variable.  Once that is done it then applies this variable array to the user's folder.

Is this a brand new folder structure or an existing one?  If it is a brand new one you can add the user and/or groups that will need access to all the folders and these are the ones that will be gathered during the script run.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.