none
Set-ACL on a file RRS feed

  • Question

  • Hi Guys,

    I have a file in a deployment I'm working on currently that I need authenticated users to have access to.  I haven't touched on ACL much in the past besides a few files in MDT that I used cacls.exe for, but I'm looking to add some configs to my powershell deployment script.  The code I'm using is -

    $acl = get-acl C:\programdata\sun\java\deployment\security\trusted.certs
    $acl.SetAccessRuleProtection($true, $false)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Users","FullControl","Allow")
    $acl.AddAccessRule($rule)
    

    I run that and nothing looks to be changed on the file.  This is my first time using this, so I could have something off :)  Any help would be appreciated.

    Monday, September 8, 2014 1:27 PM

Answers

  • Set-acl C:\programdata\sun\java\deployment\security\trusted.certs $acl



    ¯\_(ツ)_/¯

    • Proposed as answer by jrv Monday, September 8, 2014 1:56 PM
    • Marked as answer by MrBrooks Monday, September 8, 2014 2:52 PM
    Monday, September 8, 2014 1:56 PM

All replies

  • Set-acl C:\programdata\sun\java\deployment\security\trusted.certs $acl



    ¯\_(ツ)_/¯

    • Proposed as answer by jrv Monday, September 8, 2014 1:56 PM
    • Marked as answer by MrBrooks Monday, September 8, 2014 2:52 PM
    Monday, September 8, 2014 1:56 PM
  • This is how I would do it.

    $filepath='C:\programdata\sun\java\deployment\security\trusted.certs' $rule=New-Object System.Security.AccessControl.FileSystemAccessRule('Authenticated Users','FullControl','Allow') get-acl $filepath | ForEach-Object{ $_.AddAccessRule($rule) $_ } | Set-Acl $filepath

    I do not recommend altering inheritance as the rule will be extended correctly and any required inheritance will not be disturbed.



    ¯\_(ツ)_/¯


    • Edited by jrv Monday, September 8, 2014 2:55 PM
    Monday, September 8, 2014 2:52 PM
  • Yeah I should've come back and posted that I missed that part.  Worked fine after I figured that part out.  Thanks jrv :)
    Monday, September 8, 2014 2:52 PM