Based on an example in the Windows PowerShell 2.0 Administrators Pocket Consultant I'm under the impression that it should be possible to copy an ACL from one registry key to another. Something like this
$acl = get-acl -path hkcu:\software\foo
set-acl -path hkcu:\software\bar -aclobject $acl
However I find this silent fails to work. The command appears to complete properly however when you check the ACL on hkcu:\software\bar you find that it's ACL hasn't changed.
This pattern does work if I'm dealing with files instead of registry entries.
If I do something like this
$acl = get-acl -path hkcu:\software\bar
$rule = new-object system.security.accesscontrol.registryaccessrule `"enigma\karmac","FullControl","allow"
$acl.addaccessrule($rule)
$acl | set-acl
That does work.
So basically I'm asking if it is possible to copy registry ACL entries from one key to another, or do you need to modify the ACL of each individual registry key.
I'm on Windows 7 Ultimate 64bit, running powershell 2.0 in 64bit mode. I've also tried running the powershell session as an administrator.
Any help would be appreciated. Thank you.