Hi all,
Trying to export NTFS permissions for a given filepath to .csv (which works fine), and then re-import it. To be used as a backup really.
So far I have the script below.
The backup section works - it exports the NTFS perms to a .csv all good and well.
The IMPORT process (Set-ACL) doesn’t work so well. This portion is a concoction of other scripts I have found online as i’m a bit of a powershell Novice but sort of know my way around.
Below the “Test” folder is a bunch of other sub-folders. Some with inherited permissions, some with explicit permissions with inheritance disabled.
When I run the import script, if inheritance is DISabled on all sub-folders it imports fine and restores the explicit permissions BUT it enables inheritance for all sub-folders regardless of if it was set before or not. If inheritance is ENabled then it completes but nothing changes. No perms are restored.
I’m at the end of my tether with it now and hope someone can point me in the right direction? Any help is appreciated.
[pre]
Backup Permissions
Get-Childitem -path “D:\Test” -recurse | Where-Object {$_.PSIsContainer} | Get-ACL | Select-Object Path -ExpandProperty Access | Export-CSV “D:\NTFS Permissions.csv” -NoTypeInformation
Import NEEDS to be run as ADMINISTRATOR
$par = Import-Csv -Path “D:\NTFS Permissions.csv”
foreach ( $i in $par ) {
$path= $i.Path
$IdentityReference= $i.IdentityReference
$AccessControlType=$i.AccessControlType
$IsInherited=$i.IsInherited
$InheritanceFlags= $i.InheritanceFlags
$PropagationFlags=$i.PropagationFlags
$FileSystemRights=$i.FileSystemRights
echo $path $IdentityReference
$acl = Get-Acl “D:\Test”
$isProtected = $false
$preserveInheritance = $true
$acl.SetAccessRuleProtection($isProtected, $preserveInheritance)
$permission = $i.IdentityReference,$i.FileSystemRights,$i.AccessControlType
$accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $permission
$acl.SetAccessRule($accessRule)
$acl | Set-Acl $path
}
[/pre]