Setting ACL Question


I’m trying to set permissions on a folder then make all child folders/files inherit those permissions of the parent folder.

Here is what I have so far. It will set the permissions to the parent but child folders/files are not getting the inherited permissions.

$path = 'C:\temp\test'

Get the ACL for an existing folder

$existingAcl = (Get-Item $path).GetAccessControl('Access')
$allInherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit","ObjectInherit"

Set the permissions that you want to apply to the folder

$permissions = $env:username,"FullControl",$allInherit,"None","Allow"

Create a new FileSystemAccessRule object

$rule = New-Object System.Security.AccessControl.FileSystemAccessRule $permissions

Modify the existing ACL to include the new rule


#Enable Inheritance


Apply the modified access rule to the folder

Set-Acl -path $path -AclObject $existingAcl

Any help is appreciated, thanks!

Using NTFS module and inheritance

Personally I find doing ACL’s natively with powershell is awful, check out the module above. Much easier to work with.

Example 3 from the MS Docs page at shows how to iterate through the child objects of the parent directory to accomplish this.

Looks like a simple change to the last line like below:

Get-ChildItem -Path $path -Recurse -Force | Set-Acl -AclObject $existingAcl