PowerShell
Ismat Gayibov, 2021-07-19 09:43:05

How to grant access to folders of a domain user through Powershell?

Hello. The purpose of the script is to give access to a folder for a specific user. I have been suffering for 2 days now. Found different options. But everything throws an error, supposedly not the right argument, etc.

The scheme is like this. There is a file exchanger (folder Obmen). Subfolders are then created under it. The general path to the user's personal folder is as follows.

C:\Obmen\Sklad\Ivanov Ivan Ivanovich\Private.

It would be desirable to give the rights in such a way that the user on these folders C:\Obmen\Sklad would have read-only access.

On ........Ivanov Ivan Ivanovich\Personal the user should have full access, and other users should have no access other than read.

$newuser = (get-eventlog -log Security -InstanceID 4720 -newest 1).ReplacementStrings[9]

mkdir C:\obmen\$newou\$newfolder\Private

# Read the current ACL settings for our folder
$acl = Get-Acl C:\obmen\$newou\$newfolder\Private
# Let's see the resulting ACL
$acl | fl *

# Create a permission set that we will assign to the folder
$permission = "ADTEST0\$newuser","read,write","containerinherit,objectinherit","none","allow"

# View current ACEs
$acl.Access

# Create new ACE object based on previously written permissions
$ace = new-object security.accesscontrol.filesystemaccessrule $permission

# Apply the changes made to the original ACL
$acl.setaccessrule($ace)
# Assign an ACL to the selected folder
$acl | Set-Acl C:\obmen\$newou\$newfolder\Private


2 answer(s)
Alexey Dmitriev, 2021-07-19
@SignFinder

Use third-party modules so as not to suffer.
https://github.com/raandree/NTFSSecurity
https://github.com/alphaleonis/AlphaFS
Or this third-party command line utility - it feels great in Powershell.
https://helgeklein.com/setacl/

Morrowind, 2021-07-24
@hekkaaa

Hello.
Here, try this script:

$a = Get-Acl -Path C:\Temp\TestPS
# Specify the user here
$identity = "NT AUTHORITY\Прошедшие проверку"
# Access rights here
$fileSystemRights = "Read"
$type = "Allow"
$fileSystemAccessRuleArgumentList = $identity, $fileSystemRights, $type
$fileSystemAccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $fileSystemAccessRuleArgumentList

$a.SetAccessRule($fileSystemAccessRule)
Set-Acl -Path C:\Temp\TestPS -AclObject $a

I took it from the manual and checked it on my laptop. It seems to work.
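
The layout the question describes (read-only on C:\Obmen\Sklad, full access for the owner on the private folder, read-only for everyone else), as an added example that is not part of the question or of either answer. The account ADTEST0\ivanov and the helper function names are assumptions; run it from an elevated session.

```powershell
# Added example. Paths and the account are constructed placeholders based on the question.
$Root        = 'C:\Obmen\Sklad'
$Private     = Join-Path $Root 'Ivanov Ivan Ivanovich\Private'
$User        = [System.Security.Principal.NTAccount]'ADTEST0\ivanov'   # placeholder account
$OwnerRights = 'FullControl'   # use 'Modify' if the user must not be able to change permissions

# Well-known SIDs resolve on any OS language, unlike localized names
# such as "NT AUTHORITY\Прошедшие проверку".
function Get-WellKnownSid([System.Security.Principal.WellKnownSidType]$Type) {
    [System.Security.Principal.SecurityIdentifier]::new($Type, $null)
}
$AuthUsers = Get-WellKnownSid AuthenticatedUserSid
$Admins    = Get-WellKnownSid BuiltinAdministratorsSid
$System    = Get-WellKnownSid LocalSystemSid

$Inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$NoProp  = [System.Security.AccessControl.PropagationFlags]::None
$Allow   = [System.Security.AccessControl.AccessControlType]::Allow

function New-FolderRule([System.Security.Principal.IdentityReference]$Identity,
                        [System.Security.AccessControl.FileSystemRights]$Rights) {
    # Allow rule that applies to this folder, its subfolders and files
    [System.Security.AccessControl.FileSystemAccessRule]::new(
        $Identity, $Rights, $Inherit, $NoProp, $Allow)
}

New-Item -ItemType Directory -Path $Private -Force | Out-Null

# 1) Shared tree: the user gets read-only access, inherited by subfolders.
$acl = Get-Acl -Path $Root
$acl.AddAccessRule((New-FolderRule $User 'ReadAndExecute'))
Set-Acl -Path $Root -AclObject $acl

# 2) Private folder: stop inheriting from the parent, then set explicit ACEs.
$acl = Get-Acl -Path $Private
$acl.SetAccessRuleProtection($true, $false)   # protect the ACL, discard inherited ACEs
$acl.SetAccessRule((New-FolderRule $System    'FullControl'))
$acl.SetAccessRule((New-FolderRule $Admins    'FullControl'))
$acl.SetAccessRule((New-FolderRule $AuthUsers 'ReadAndExecute'))
$acl.SetAccessRule((New-FolderRule $User      $OwnerRights))
Set-Acl -Path $Private -AclObject $acl

# 3) Verify: every ACE on the private folder should now be explicit (IsInherited = False).
(Get-Acl -Path $Private).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
```

SYSTEM and Administrators are re-added explicitly because disabling inheritance with the second argument set to `$false` drops every inherited entry, including theirs.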
