Setting ACL Over writes Audits

aaron-miller · November 17, 2015, 1:05am

I’m trying to write a script so that if a certain user has too many permissions on it, it deletes it out of the folder…the issue is it’s currently also removing all the audits that exist on the folder…

Below is a snippet of the function:

        foreach($acl in (get-acl $path).access | ?{$_.identityreference -eq $user} | ? {$_})
	{
		if($acl.filesystemrights -notmatch $permissions)
		{
			try
			{
				$x = (get-item -force $path).GetAccessControl('Access')
				$x.removeaccessruleSpecific($acl)

				set-acl $path -aclobject $x -erroraction stop
			}
			catch
			{
				$badgrab+=@("$user is a general user with improper permissions")
			}
										
		}
	}

On the set-acl it wipes the existing audits…is there a way to remove/set an ACL without deleting the audits?

rohn-edwards · November 17, 2015, 4:40am

This a bug caused by the file system provider in PowerShell. Set-Acl for files and folders has lots of issues (some have been fixed in version 5), so I generally recommend against using it at all. Instead, you can do this:

(Get-Item $Path).SetAccessControl($x)

aaron-miller · November 17, 2015, 5:01am

AHHHHH, well that frustrates me!

Thanks a lot, your solution worked like a charm

Topic		Replies	Views
File Audit over writing PowerShell Help	2	150	October 6, 2015
Set-ACL - script runs, fails to apply changes, but no errors PowerShell Help	4	288	February 10, 2024
using powershell to set file audit settings PowerShell Help	2	228	December 7, 2018
Weird issue when removing permissions... PowerShell Help	3	177	October 21, 2015
Setting audit permission on the registry PowerShell Help	2	158	December 11, 2015

Setting ACL Over writes Audits

Related Topics