0
votes

I've gotten comfortable using icacls to add people to file folders but now I am having trouble figuring out how to do the following:

on a folder with many children, g

  1. get the existing permissions on the folder and store them

  2. Add a bunch of new users, propogating to all children and turning on inheritance, replace and force (already working from previous scripts)

  3. check the top level folder and remove any permissions not placed on in step 2.

  4. now that the parent folder has the correct permissions and all children have inheritance set, set all children to have the same permissions as the parent (recompute acl inheritance?)

thanks for any help you all can provide, I just need a push to get into the right direction.

1
Pretty unclear what exactly you're asking here.tnw
You subject indicates you are working with file/folder shares, but the details seem to address NTFS permissions. Are you talking about share permissions or NTFS permissions? They are handled very different ways.Local Needs

1 Answers

1
votes

If you're using PowerShell, you don't need icacls (which returns text instead of objects) since you have have Get-Acl and Set-Acl. However, the help for those two commands is severely lacking, so I recommend supplementing with the .NET framework.

http://technet.microsoft.com/en-us/library/ff730951.aspx is a very good article on ACLs using the .NET framework in PowerShell. If you need more in depth information on System.Security.AccessControl, go to http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.aspx.