none
ACL -modify (the wrong way !) RRS feed

  • Question

  • Hi,

    i did a bit of research before posting over here, and it look like the way i'm trying to do what i want to do is the wrong one..

    BUT i'd just like to know why exactly is it wrong (to understand the process ;) ) well, basically i'm trying to modify some ACL on a given folder.

    I'm OK with setting ON/OFF inheritance, but modify actual ACL right are another story .. here is what i tried :

    (get-acl -path "d:\testacl").access | where {$_.identityreference -like 'username'}
    
    #i do get the user i wish to remove ... but i'm stuck from here ... same goes with : 
    
    (get-item -Path d:\testacl).GetAccessControl().access | where {$_.identityreference -like 'username'}
    


    what i wish to do is select my user, (done) remove it, (NOT done..) and then be able to "push" it back thanks to a classic

    set-acl -path xxx -aclobject $ModifiedAclObject

    In a perfect world where the solution would work, i could modify the aclobject and add a user to grant permission this way too ...

    Well i'm all hear if anyone can explain to me why it is not possible, please ? :)

    Tuesday, June 20, 2017 3:52 PM

Answers

  • Can you please describe in simple English what it is you are trying to do.  It sounds like you are asking how to remove an ACE from an ACL.  TO remove an ACE you need to use the Remove method of the ACL object.

    $acl.RemoveAce($ace)


    \_(ツ)_/

    Tuesday, June 20, 2017 8:10 PM

All replies