none
Powershell to create a folder if it doesn't exist and ACL RRS feed

  • Question

  • Hi,

    I'm really new to powershell but I need some help to write a powershell script that creates a folder in an existing folder structure (if the folder doesn't already exist). I then need to stop the inheritance and add full control to "domain users" for folder, subfolders, files.

    The folder above this one limits "domain users" to traverse only. Any help greatly appreciated 

    Friday, March 11, 2016 12:12 PM

Answers

All replies

  • Hi,

    These should get you started:

    http://ss64.com/ps/if.html

    http://ss64.com/ps/new-item.html

    http://ss64.com/ps/get-acl.html

    http://ss64.com/ps/set-acl.html

    These modules will make life easier when dealing with permissions:

    https://gallery.technet.microsoft.com/scriptcenter/PowerShellAccessControl-d3be7b83

    https://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85

    I highly recommend starting at the beginning, as you'll need to have a solid foundation in the basics:

    https://technet.microsoft.com/en-us/scriptcenter/dd742419.aspx

    Lastly, please see this to set your expectations of this forum:

    https://social.technet.microsoft.com/Forums/scriptcenter/en-US/c47b1bc2-f7fd-4d2e-8ff2-e8a81ce090d4/this-forum-is-for-scripting-questions-rather-than-script-requests?forum=ITCG

    If you run into problems, post your code and errors and we can help from there.

    Good luck.


    • Marked as answer by TechyTommy Friday, March 11, 2016 4:32 PM
    Friday, March 11, 2016 12:51 PM
  • Hi thanks for these I have got most of it done but still having trouble with the If folder already exists bit. I've never been very good at If ... then ... else ... exit stuff. Also is there anyway to simplify. I seem to have the PATH in there a lot - perhaps I could use more variables? can you possibly help with the following code:

    New-Item "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" –Type Directory
    Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" | Format-List
     
    $acl = Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit"
    $acl.SetAccessRuleProtection($True, $False)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\Domain Users”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\sysadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\jsaadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    Set-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" $acl
     
    Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit"  | Format-List

    Friday, March 11, 2016 4:01 PM
  • Hi thanks for these I have got most of it done but still having trouble with the If folder already exists bit. I've never been very good at If ... then ... else ... exit stuff.

    Test-Path can help you there:

    http://ss64.com/ps/test-path.html

    Also is there anyway to simplify. I seem to have the PATH in there a lot - perhaps I could use more variables?

    You can assign the output of New-Item to a variable and then use the FullName property to reference the folder you created:

    PS C:\Scripts\PowerShell Scripts\Misc Testing\3-11-2016> $a = New-Item -Name TestFolder -ItemType Directory
    
    PS C:\Scripts\PowerShell Scripts\Misc Testing\3-11-2016> $a.FullName
    C:\Scripts\PowerShell Scripts\Misc Testing\3-11-2016\TestFolder

    can you possibly help with the following code:

    <snip>

    Help with what exactly? You'll need to ask a specific question, as I'm not sure what you're asking about.


    Friday, March 11, 2016 4:12 PM
  • Hi 

    I have added this to the top but I don't know if it is working? The reason I don't know is because I am not seeing a result for ether of the Write-Verbose statements. Also as in VBs do you need to set variables = Nothing or similar after the code? e.g. good housekeeping?

    $Path = "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit"

    if(Test-Path $Path){Write-Verbose "Folder: $Path Already Exists"}
    else{
        Write-Verbose "Creating $Path" 


    New-Item "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" –Type Directory | Out-Null
    }

    Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" | Format-List
     
    $acl = Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit"
    $acl.SetAccessRuleProtection($True, $False)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\Domain Users”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\sysadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\jsaadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    Set-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit" $acl
     
    Get-Acl "G:\JobData\JobNumbers_SB\2016 Jobs\JobName\Drawings\Revit"  | Format-List


    • Edited by TechyTommy Friday, March 11, 2016 4:33 PM
    Friday, March 11, 2016 4:16 PM
  • I have added this to the top but I don't know if it is working? The reason I don't know is because I am not seeing a result for ether of the Write-Verbose statements.

    Write-Verbose doesn't actually work that way. Try it by itself in the console, you won't actually see any output. For trace statements, I generally just use Write-Host.

    Also as in VBs do you need to set variables = Nothing or similar after the code? e.g. good housekeeping?

    Nah, not really necessary. You can if you really want to thought.


    Friday, March 11, 2016 4:38 PM
  • Thanks for the Write-host lead.  I've added a wild card to my path and although it returns ether of the outputs it only writes it once on the path with the wildcard. As this is the case it is not worth having it - also I understand that New-Item will not overwrite a folder. 

    Thanks for all your help on this. helpful taps in the right direction really helps to speed learning along. much appreciated.

    Here's the finished thing as I see it:

    $Path = "G:\JobData\JobNumbers_SB\2016 Jobs\*\Drawings\Revit"

    if(Test-Path $Path){Write-host "Folder: $Path Already Exists"}
    else{
        Write-host "Creating $Path" 


    New-Item $Path –Type Directory | Out-Null
    }
    Get-Acl $Path | Format-List
     
    $acl = Get-Acl $Path
    $acl.SetAccessRuleProtection($True, $False)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\Domain Users”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\sysadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(“Domain\jsaadmin”,”FullControl”, “ContainerInherit, ObjectInherit”, “None”, “Allow”)
    $acl.AddAccessRule($rule)
    Set-Acl $Path $acl
     
    Get-Acl $Path  | Format-List

    • Marked as answer by TechyTommy Friday, March 11, 2016 5:23 PM
    Friday, March 11, 2016 5:22 PM
  • Cheers, you're very welcome. Glad you got it working.

    Friday, March 11, 2016 5:28 PM