I am having an issue changing file permissions on files that have been moved. I have been able to run the script with admin permissions when using the icals command, however, the command is not available on all the PC’s i need to use the script on. Below is what I have so far.
What SHOULD be happening is:
- The script looks for any files in C:\Pictures\Camera Roll\
- If files are found, move the files to C:\Recordings\ on the local PC
2a. I the C:\Recordings\ folder does not exist, it is created - Change the permissions by adding a security group. Should be recursive to all files and folders in C:\Recordings
$users = Get-ChildItem C:\Users
$Recordings = "C:\Recordings\"
$user = "EDU\Sec_Consult_Recordings" .
$Rights = "Read, ReadAndExecute, Write, Modify, ListDirectory"
$InheritSettings = "Containerinherit, ObjectInherit"
$PropogationSettings = "InheritOnly"
$RuleType = "Allow"
Get-ChildItem $Recordings -Recurse | Where-Object {($_.Name -Like "WIN*" -and $_.LastWriteTime -lt (Get-Date).AddDays(-14))}
foreach ($user in $users){
$folder = "$($user.fullname)\Pictures\Camera Roll\*"
$UserPath = "C:\Recordings\" + $user.Name
Write-Output $UserPath
If (Test-Path $folder) {
If (Test-Path $UserPath){Move-Item -Path $folder -Destination $UserPath}
else {
new-item -itemType Directory -Force -Path $UserPath
Move-Item -Path $folder -Destination $UserPath
}
}
$acl = Get-Acl $UserPath
$perm = $user, $Rights, $InheritSettings, $PropogationSettings, $RuleType
$rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $perm
$acl.SetAccessRule($rule)
$acl | Set-Acl -Path $path
#icacls $UserPath /setowner Sec_Consult_Recordings /q /c /t
#icacls $UserPath /grant Sec_Consult_Recordings:F /q /c /t
}