powershell acl

Set ACL System.Security.AccessControl.FileSystemAccessRule to multiple users?


Is it possible to specify more than 1 user directly in some kind of array when setting permissions with System.Security.AccessControl.FileSystemAccessRule?

Example code:

    $acl = Get-Acl perm.txt
    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("Desktop\David","Read","Allow")
    $acl.SetAccessRule($AccessRule)
    Get-ChildItem -Path "C:\Users\David\Scripts\test\testfiles" -Recurse -Filter "*testing1234*" -File | Set-Acl -AclObject $acl

This works fine and sets permission for user David. But let's say I want to set the permission for user David and user Lena, is it possible to specify multiple users, something like:

    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("Desktop\David","Read","Allow","Desktop\Lena","Read","Allow")

Or does a unique ACL have to be generated for each user?


Solution

  • Use a loop to add multiple ACEs to an ACL:

    $users = 'foo', 'bar', 'baz'
    
    foreach ($user in $users) {
        $ace = New-Object Security.AccessControl.FileSystemAccessRule ("Desktop\${user}", 'Read', 'Allow')
        $acl.AddAccessRule($ace)
    }
    

    You may also want to avoid applying ACLs recursively to a folder tree. Apply the ACL to the topmost folder and have ACL inheritance take care of the rest.
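
An added example, not part of the original answer, that combines both points above: one ACE per principal is added in a loop with inheritance flags, the ACL is applied once to the top folder, and the result is checked on a child file. The temp folder, the file name and the two principals (the current user and the well-known BUILTIN\Users SID, standing in for Desktop\David and Desktop\Lena) are assumptions chosen so the script runs on any Windows host.

```powershell
# Constructed sandbox: a throwaway folder under TEMP stands in for the real tree.
$root = Join-Path $env:TEMP ("acl-demo-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $root | Out-Null

# Assumed stand-ins for Desktop\David and Desktop\Lena:
# the current user and the well-known BUILTIN\Users group (S-1-5-32-545).
$principals = @(
    [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    [System.Security.Principal.SecurityIdentifier]::new('S-1-5-32-545')
)

$acl = Get-Acl -Path $root
foreach ($p in $principals) {
    # ContainerInherit + ObjectInherit: the ACE flows to subfolders and files.
    $ace = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $p, 'Read', 'ContainerInherit, ObjectInherit', 'None', 'Allow')

    # AddAccessRule merges with rules already present for this identity;
    # SetAccessRule would first remove the identity's existing Allow rules.
    $acl.AddAccessRule($ace)
}

# Apply once, on the topmost folder only.
Set-Acl -Path $root -AclObject $acl

# A file below the folder receives the ACEs through inheritance,
# so no per-file Set-Acl call is needed.
$file = New-Item -ItemType File -Path (Join-Path $root 'testing1234.txt')
(Get-Acl -Path $file.FullName).Access |
    Where-Object { $_.IsInherited } |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
    Format-Table -AutoSize

# Clean up the sandbox.
Remove-Item -Path $root -Recurse -Force
```

Reviewing the `IsInherited` column after a change like this is a quick way to confirm that access comes from the one folder-level ACL rather than from explicit per-file entries that are harder to audit.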