Automatically creating folders per user and assigning correct permissions

Hi, I have this script I’m currently working on that creates a folder for each user with their own name on a share.

So the situation is: E:/Scans/user/
This should be like their own “homefolder” and should be created upon login. If it’s already created, nothing should happen.

Now I have a script that creates this folder with permissions; however, I cannot get the permissions to go right.



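```powershell
# TBN Scan Map Creation Script

# $homedir must already hold the user's folder path (its assignment is not shown here).
if (-not (Test-Path "$homedir"))
{
    # Create the folder and read back its ACL
    $acl = Get-Acl (New-Item -Path $homedir -ItemType Directory)

    # $false leaves inheritance from the parent folder enabled
    $acl.SetAccessRuleProtection($false, $true)

    # Full control for the logged-on user, applied to subfolders and files
    $ace = "$($env:USERDOMAIN)\$($ENV:USERNAME)","FullControl","ContainerInherit,ObjectInherit","None","Allow"
    $objACE = New-Object System.Security.AccessControl.FileSystemAccessRule($ace)
    $acl.AddAccessRule($objACE)   # the rule has to be added to the ACL before Set-ACL
    Set-ACL -Path "$homedir" -AclObject $acl
}
net use x: \\WIN-HNF1R0TNHGH\E\Scans\$($env:username)
```

is my current code.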

I put the permissions as follows on the folders:

E:/ permissions:

/folder/ permissions:
Sharing: not shared

Then, the user logs in, runs the script, and these are the permissions on their folder:

/name/ permissions;
Sharing: not shared

I don’t understand PowerShell at all, and really can’t get it to work. Could anyone please assist with this?

When I have all the permissions correct, the users are still able to look through each folder.

Kind Regards,


There’s a feature of Windows called Access-Based Enumeration, or ABE, you need to look into. Not having permission to a file does not ordinarily stop you from seeing that the file exists, which is what ABE turns on.
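
As an added example (not code from either poster), here is one way to combine the two points in this thread: ABE only hides a folder from users who have no read access to it, so the per-user folder must stop inheriting a broad read entry from its parent. It assumes the script runs elevated on the file server; the function name `New-PrivateScanFolder` and the share name `Scans` are hypothetical.

```powershell
# Added example, not the poster's script. Assumed: runs elevated on the file
# server; the share name 'Scans' is hypothetical.
function New-PrivateScanFolder {
    param(
        [Parameter(Mandatory)][string]$Root,     # e.g. E:\Scans
        [Parameter(Mandatory)][string]$Account   # DOMAIN\user
    )
    $path = Join-Path $Root ($Account.Split('\')[-1])
    if (Test-Path -LiteralPath $path) { return $path }   # already exists: do nothing

    New-Item -Path $path -ItemType Directory | Out-Null
    $acl = Get-Acl -LiteralPath $path

    # $true blocks inheritance and $false drops the inherited entries, so a
    # read entry for a broad group on the parent no longer applies here.
    $acl.SetAccessRuleProtection($true, $false)

    $rights  = [System.Security.AccessControl.FileSystemRights]::FullControl
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit,ObjectInherit'
    $none    = [System.Security.AccessControl.PropagationFlags]::None
    $allow   = [System.Security.AccessControl.AccessControlType]::Allow
    $identities = @(
        [System.Security.Principal.NTAccount]$Account
        [System.Security.Principal.SecurityIdentifier]'S-1-5-32-544'   # BUILTIN\Administrators
        [System.Security.Principal.SecurityIdentifier]'S-1-5-18'       # SYSTEM
    )
    foreach ($id in $identities) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $id, $rights, $inherit, $none, $allow)
        $acl.AddAccessRule($rule)
    }
    Set-Acl -LiteralPath $path -AclObject $acl
    return $path
}

$folder = New-PrivateScanFolder -Root 'E:\Scans' -Account "$env:USERDOMAIN\$env:USERNAME"

# Access-Based Enumeration is a property of the share: folders a user cannot
# read are left out of the listing when they browse it.
Set-SmbShare -Name 'Scans' -FolderEnumerationMode AccessBased -Force

# Check the result: no entry on the folder should show IsInherited = True.
Get-SmbShare -Name 'Scans' | Select-Object Name, Path, FolderEnumerationMode
(Get-Acl -LiteralPath $folder).Access | Format-Table IdentityReference, FileSystemRights, IsInherited
```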