-
Notifications
You must be signed in to change notification settings - Fork 3
/
folder_permissions.ps1
28 lines (24 loc) · 1.42 KB
/
folder_permissions.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#This script will find a specified folder on a remote machine and give modify rights to "Authenticated Users"
Invoke-Command -ComputerName machine {
function find-path{
$folderName = "Outlook"
Get-ChildItem -Recurse -Force "C:\Program Files (x86)" -ErrorAction SilentlyContinue |
Where-Object { ($_.PSIsContainer -eq $true) -and ( $_.Name -like "*$folderName*") } |
Select-Object -expand FullName
}
foreach($folder in find-path){
$acl = Get-Acl $folder
$myGroup = "NT AUTHORITY\Authenticated Users"
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$myGroup", "Write", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$myGroup", "Read", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$myGroup", "ReadAndExecute", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$myGroup", "ListDirectory", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$myGroup", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
Set-Acl $folder $acl
}
}