i am trying to write a script which adds"CreatorOwner" permission to profile$ folders on all file servers;
i.e , add "CreatorOwner" permissions to "\FileServer\Profile$"
can anybody tell me whats the command and syntax for it?
Please do ask if any questions.
One way of doing this is using WMI and UNC paths.
$AccessRule = New-Object system.security.accesscontrol.filesystemaccessrule("CREATOR OWNER","FullControl","ContainerInherit, ObjectInherit","InheritOnly","Allow")
$profileshare = Get-WmiObject Win32_Share -ComputerName fileserver -Filter "name = 'profile$'"
$driveletter, $path = $profileshare.path
$path = $path.TrimStart("\")
$ACL = Get-Acl "\\fileserver\$driveletter`$\$path"
$ACL.SetAccessRule($AccessRule)
Set-Acl \\fileserver\$driveletter`$\$path -AclObject $ACL
Now if you have a list of server names you could do the following:
$servers = @("fileserver1","fileserver2","fileserver3")
$AccessRule = New-Object system.security.accesscontrol.filesystemaccessrule("CREATOR OWNER","FullControl","ContainerInherit, ObjectInherit","InheritOnly","Allow")
$servers | % {
$profileshare = Get-WmiObject Win32_Share -ComputerName $_ -Filter "name = 'profile$'"
$driveletter, $path = $profileshare.path
$path = $path.TrimStart("\")
$ACL = Get-Acl "\\$_\$driveletter`$\$path"
$ACL.SetAccessRule($AccessRule)
Set-Acl \\$_\$driveletter`$\$path -AclObject $ACL
}