Using PowerShell to set file system permissions: ACL

To add a user with write permissions to an existing folder, the following script can be used:

Add Permission


$Acl = Get-Acl $folder
$Ar = New-Object$username,$permission,'ContainerInherit,ObjectInherit', 'None', 'Allow')
Set-Acl $folder $Acl

The script reads the current permissions and writes them to the $Acl variable, then creates a permission object with the user and the desired permissions and stores it in the $Ar variable. Finally, the created object ($Ar) is added to the previously read permissions and these are then written to the folder: Set-Acl

With "ContainerInherit and ObjectInherit the permission on the folder and its files is set.

For example, "FullControl" could be used as a permission instead of "Modify".

Interrupt inheritance

    $Acl.SetAccessRuleProtection($True, $True)

Remove permission

    $aclRemove = $acl.Access | ?{ $_.IdentityReference -eq 'BUILTIN\Users' }
    if ($acesToRemove) {
        $acl.RemoveAccessRuleAll($aclRemove )
positive Bewertung({{pro_count}})
Rate Post:
{{percentage}} % positive
negative Bewertung({{con_count}})

THANK YOU for your review!

Publication: 2023-05-08 from Bernhard | Übersetzung Deutsch |🔔

PowerShell Hashtable vs Array vs Dictionary | PowerShell | PowerShell: Prevent screen saver, lock: Move mouse regularly

Top articles in this section

PowerShell Log-Files: Logging into a textfile - write to file

Log files in PowerShell can be created via the Out-File command, via a custom function, or via PowerShell's built-in Transcript.

PowerShell Loops and Array

An array stores multiple values, similar to a 2-column table.

PowerShell: File attributes: Change date - without any tools.

As an alternative to special programs, the date of a file or folder can also be changed with PowerShell. 

Questions / Comments