Setting folder ACL with PowerShell

palmero · June 30, 2020, 12:24pm

Hi.

I’m using the following to set user rights on a folder:

$acl = Get-Acl $folder
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(“mydomain\joeuser”,“FullControl”,“Allow”)
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $folder

This works fine, however I don’t want to grant joeuser full control, only standard read/execute rights. The following should be checked in the Properties for the folder: Read & execute, List folder contents, and Read.

If I change “FullControl” to “Read” in the above code, I end up with Special permissions where Read is the only checked item.

Any suggestions greatly appreciated.

tonyd · July 2, 2020, 4:45am

Try playing with this, adjust to your liking:

$FolderAuditRules = “Traverse, ExecuteFile, ListDirectory, ReadData, CreateFiles, WriteData, CreateDirectories, AppendData, DeleteSubdirectoriesAndFiles, Delete, ChangePermissions, TakeOwnership”

$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(“mydomain\joeuser”, $FolderAuditRules)

Topic		Replies	Views
Assign user ACL permissions to a folder and sub directory using powershell PowerShell Help	1	193	September 26, 2019
Setting Folder Permissions with Powershell PowerShell Help	0	175	December 31, 2011
Setting Folder ACL PowerShell Help	24	166	June 28, 2016
Give access to folder, its subfolders and all files to a user/group in Windows PowerShell Help	4	207	December 17, 2019
Setting ACL Question PowerShell Help	2	157	January 31, 2018

Setting folder ACL with PowerShell

Related Topics