I have a directory which I want to go through recursively and set permissions on all the folders. So the order of operations should be: <ol> <li>Remove all ACL from folder </li> <li>Add ACL to folder</li> <li>Set ACL</li> </ol> I tried the below code, but I am getting the error <blockquote> Cannot set the ACL because the method that it needs to invoke, SetSecurityDescriptor, does not exist. </blockquote> <pre class="prettyprint"><code>foreach ($folder in Get-ChildItem -Path c:\perms -Recurse -Directory) { $AccessRule = New-Object System.Security.Accesscontrol.FileSystemAccessRule ("user", "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow") $acl = Get-Acl $folder $acl.SetAcccessRule($AccessRule) Set-Acl -Path $folder.FullName -AclObject $acl } </code></pre> I got rid of the error message, and it added the ACL, but I want to basically remove all ACLs from the folder and add new ones. I updated my script to look like this: <pre class="prettyprint"><code>$acl = Get-Acl -Path "c:\perms" $acl.SetAccessRuleProtection($true,$false) $acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null } $ace = New-Object System.Security.Accesscontrol.FileSystemAccessRule ("user", "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow") $acl.AddAccessRule($ace) Set-Acl -Path "c:\perms" -AclObject $acl </code></pre> If I want to add multiple <code>$ace</code>, is it just a matter of declaring <code>$ace2</code>, <code>$ace3</code> and then calling <code>$acl.AddAccessRule($ace2)</code>, <code>$acl.AddAccessRule($ace3)</code>.

Use <code>SetAccessRuleProtection()</code> to disable inheritance and remove inherited ACEs: <pre class="prettyprint"><code>$acl.SetAccessRuleProtection($true, $false) </code></pre> Use <code>RemoveAccessRule()</code> to remove existing (non-inherited) ACEs: <pre class="prettyprint"><code>$acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null } </code></pre> Use <code>AddAccessRule()</code> to add new ACEs: <pre class="prettyprint"><code>$ace = New-Object Security.AccessControl.FileSystemAccessRule "user", ... $acl.AddAccessRule($ace) ... </code></pre> Do this only for the topmost folder. Leave inheritance enabled everywhere below, so your changes are propagated automatically.

Recursively set permissions on folders using Powershell?

I have a directory which I want to go through recursively and set permissions on all the folders. So the order of operations should be:

Remove all ACL from folder
Add ACL to folder
Set ACL

I tried the below code, but I am getting the error

Cannot set the ACL because the method that it needs to invoke, SetSecurityDescriptor, does not exist.

foreach ($folder in Get-ChildItem -Path c:\perms -Recurse -Directory) {
    $AccessRule = New-Object System.Security.Accesscontrol.FileSystemAccessRule ("user", "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow")
    $acl = Get-Acl $folder
    $acl.SetAcccessRule($AccessRule)
    Set-Acl -Path $folder.FullName -AclObject $acl
}

I got rid of the error message, and it added the ACL, but I want to basically remove all ACLs from the folder and add new ones.

I updated my script to look like this:

$acl = Get-Acl -Path "c:\perms"
$acl.SetAccessRuleProtection($true,$false)
$acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null }
$ace = New-Object System.Security.Accesscontrol.FileSystemAccessRule ("user", "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow")
$acl.AddAccessRule($ace)
Set-Acl -Path "c:\perms" -AclObject $acl

If I want to add multiple $ace, is it just a matter of declaring $ace2, $ace3 and then calling $acl.AddAccessRule($ace2), $acl.AddAccessRule($ace3).

How do I apply recursive permissions?

The chmod command with the -R options allows you to recursively change the file's permissions. To recursively set permissions of files based on their type, use chmod in combination with the find command. If you have any questions or feedback, feel free to leave a comment.

How do I set-ACL permissions in Windows using PowerShell?

To use Set-Acl , use the Path or InputObject parameter to identify the item whose security descriptor you want to change. Then, use the AclObject or SecurityDescriptor parameters to supply a security descriptor that has the values you want to apply. Set-Acl applies the security descriptor that is supplied.

How do you change permissions on recursively in Windows?

One of the options to change multiple files is to run chmod recursive with the -R (recursive, and not the capital) option. The recursive option will change the permissions for all the files, including those under sub-directories, inside a given path. 1. Consider the following command, chmod -R a=r,u=rwx my_dir .

Use SetAccessRuleProtection() to disable inheritance and remove inherited ACEs:

$acl.SetAccessRuleProtection($true, $false)

Use RemoveAccessRule() to remove existing (non-inherited) ACEs:

$acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null }

Use AddAccessRule() to add new ACEs:

$ace = New-Object Security.AccessControl.FileSystemAccessRule "user", ...
$acl.AddAccessRule($ace)
...

Do this only for the topmost folder. Leave inheritance enabled everywhere below, so your changes are propagated automatically.

Recursively set permissions on folders using Powershell?

Tags:

powershell

powershell-3.0

acl

xaisoft

People also ask

1 Answers

Ansgar Wiechers

Recent Activity

Donate For Us

Recursively set permissions on folders using Powershell?

Tags:

powershell

powershell-3.0

acl

xaisoft

People also ask

1 Answers

Ansgar Wiechers

Related questions

Recent Activity

Donate For Us