locked
Powershell NTFSSecurity RRS feed

  • Question

  • Hi!

    I have the following folder structure:

    c:\test1\private, c:\test1\public, c:\test1\other
    c:\test2\private, c:\test2\public, c:\test2\other
    c:\test3\private, c:\test3\public, c:\test3\other

    I have a folder list: c:\folder-list.txt

    c:\test1
    c:\test2

    There is a little chaos with folder permissions... so I would like to fix it with Powershell NTFSSecurity module :-)

    I want all folders listed in folder-list.txt, and all contained files too... to inherit the permissions from their parent object (in this case from root folder of drive c:) ... But the private folders must keep their permissions...

    I have tried something like that:

    Get-Content c:\folder-list.txt | Get-Item | Enable-Inheritance -RemoveExplicitAccessRules | Get-ChildItem -Recurse -Exclude 'private' | Enable-Inheritance -RemoveExplicitAccessRules

    Everything is fine with first level (test) folders... and the permissions of private folders are untouched... but unfortunately the second level objects (other and public folders and the files) are still untouched... (so they have the old permissions...)

    As you can see... I am newbie... can You help me with this?

    Thx a lot!


    • Edited by Admin Ruky Tuesday, February 24, 2015 10:33 PM
    Tuesday, February 24, 2015 10:31 PM

Answers

  • Hi Ruky,

    sure I can help you with this. The reason this happens is that Enable-Inheritance has no output. That means, nothing in the pipeline after its first call is ever run.

    You'll need to loop a bit more extensively to do this, as you also can't globally go through all children excluding private (this would exclude all folders named 'private' in the other sections as well and affect all child items of the private folder.

    Sooo ... here ya go:

    # Iterate over all root folders
    foreach ($Folder in (Get-Content c:\folder-list.txt))
    {
    	# Enable Inheritance for the root folder
    	Get-Item $Folder | Enable-Inheritance -RemoveExplicitAccessRules
    	
    	# Iterate over each item in the root folder
    	foreach ($Child in (Get-ChildItem $Folder))
    	{
    		# If it is not named private ...
    		if ($Child.Name -notlike "private")
    		{
    			# Enable Inheritance for the item itself
    			$Child | Enable-Inheritance -RemoveExplicitAccessRules
    			
    			# Enable Inheritance for all its children
    			Get-ChildItem $Child -Recurse -Force | Enable-Inheritance -RemoveExplicitAccessRules
    		}
    	}
    }

    Cheers,
    Fred


    There's no place like 127.0.0.1

    • Marked as answer by Admin Ruky Wednesday, February 25, 2015 2:34 PM
    Wednesday, February 25, 2015 9:00 AM

All replies

  • Hi Ruky,

    sure I can help you with this. The reason this happens is that Enable-Inheritance has no output. That means, nothing in the pipeline after its first call is ever run.

    You'll need to loop a bit more extensively to do this, as you also can't globally go through all children excluding private (this would exclude all folders named 'private' in the other sections as well and affect all child items of the private folder.

    Sooo ... here ya go:

    # Iterate over all root folders
    foreach ($Folder in (Get-Content c:\folder-list.txt))
    {
    	# Enable Inheritance for the root folder
    	Get-Item $Folder | Enable-Inheritance -RemoveExplicitAccessRules
    	
    	# Iterate over each item in the root folder
    	foreach ($Child in (Get-ChildItem $Folder))
    	{
    		# If it is not named private ...
    		if ($Child.Name -notlike "private")
    		{
    			# Enable Inheritance for the item itself
    			$Child | Enable-Inheritance -RemoveExplicitAccessRules
    			
    			# Enable Inheritance for all its children
    			Get-ChildItem $Child -Recurse -Force | Enable-Inheritance -RemoveExplicitAccessRules
    		}
    	}
    }

    Cheers,
    Fred


    There's no place like 127.0.0.1

    • Marked as answer by Admin Ruky Wednesday, February 25, 2015 2:34 PM
    Wednesday, February 25, 2015 9:00 AM
  • THX!
    Wednesday, February 25, 2015 2:35 PM