jason-niehoff

Folder Creation and Restrictions 2.0

Oct 26th, 2017
  # Script parameters. All five are plain strings; none is declared mandatory.
  param (
      # Account that should also receive access on every new folder.
      # NOTE(review): "muUsername" looks like a typo for "myUsername"; callers
      # bind by this name, so the spelling is kept as published.
      [string] $muUsername,

      # CSV listing the folders to create (one row per user).
      [string] $importfile,

      # CSV listing the access entries applied to every new folder.
      [string] $accesscsv,

      # Directory under which the per-user folders are created.
      [string] $folderroot,

      # Domain name prefixed to each row's samaccountname.
      [string] $domain
  )
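  # Builds one FileSystemAccessRule and writes it into the ACL of $file.
  #
  #   $file           path of the file or folder whose ACL is changed
  #   $user           identity the rule applies to
  #   $levelOfAccess  FileSystemRights value, e.g. "FullControl"
  #   $inheritance    InheritanceFlags value
  #   $propagation    PropagationFlags value
  #   $type           AccessControlType value; despite the function's name the
  #                   rule is whatever the caller passes here (Allow or Deny)
  function allowAccess ($file, $user, $levelOfAccess, $inheritance, $propagation, $type)
  {
      # -LiteralPath takes the path as written, so a name containing wildcard
      # characters such as [ ] still resolves to the intended item.
      $acl = Get-Acl -LiteralPath $file

      $rule = New-Object System.Security.AccessControl.FileSystemAccessRule ($user, $levelOfAccess, $inheritance, $propagation, $type)

      # SetAccessRule replaces rather than merges: existing rules for the same
      # identity and the same Allow/Deny type are removed before this one is
      # added, so a later call for the same identity overrides an earlier one.
      $acl.SetAccessRule($rule)

      Set-Acl -LiteralPath $file -AclObject $acl
  }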
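  # Folder list; the columns read below are "name" and "samaccountname".
  $folderList = Import-Csv -Path $importfile
  # Shared access entries; the columns read below are "name", "access", "type".
  $accessList = Import-Csv -Path $accesscsv

  # Identical for every rule, so set once instead of once per row.
  # ContainerInherit + ObjectInherit lets each rule flow to children of the
  # new folder.
  $inheritanceFlags = "ContainerInherit, ObjectInherit"
  $propagationFlags = "none"
  $folderAccess     = "Allow"
  $invalidNameChars = [System.IO.Path]::GetInvalidFileNameChars()

  $folderList |
      ForEach-Object {
          # Display name from the CSV becomes the folder name.
          $folderName = $_.name

          # The name is CSV input and ends up in a path: reject empty names,
          # "." / "..", and anything containing a path separator or other
          # character that is invalid in a file name, so a row cannot point
          # outside $folderroot.
          if ([string]::IsNullOrEmpty($folderName) -or
              $folderName.Trim().Length -eq 0 -or
              $folderName.IndexOfAny($invalidNameChars) -ge 0 -or
              @('.', '..') -contains $folderName.Trim())
          {
              Write-Warning "Skipping unusable folder name '$folderName'"
              return   # inside ForEach-Object this moves on to the next row
          }

          # DOMAIN\samaccountname identity used for the owner's rule.
          $accountName = $domain + "\" + $_.samaccountname
          $folderPath  = Join-Path -Path $folderroot -ChildPath $folderName

          if (-not (Test-Path -LiteralPath $folderPath))
          {
              New-Item -ItemType "directory" -Path $folderPath

              # NOTE(review): from here until inheritance is switched off at
              # the end of this branch, the folder still carries whatever it
              # inherits from $folderroot.

              # One explicit rule per row of the access CSV.
              $accessList |
                  ForEach-Object {
                      allowAccess -file $folderPath -user $_.name -levelOfAccess $_.access -inheritance $inheritanceFlags -propagation $propagationFlags -type $_.type
                  }

              # Rule for the operator account (*MAY NOT NEED*). The original
              # read $myusername, which is never defined; the declared
              # parameter is $muUsername. Skipped when no account was given.
              if ($muUsername)
              {
                  allowAccess -file $folderPath -user $muUsername -levelOfAccess "FullControl" -inheritance $inheritanceFlags -propagation $propagationFlags -type $folderAccess
              }

              # Rule for the folder's user.
              allowAccess -file $folderPath -user $accountName -levelOfAccess "FullControl" -inheritance $inheritanceFlags -propagation $propagationFlags -type $folderAccess

              # Protect the ACL (isProtected = $true) and drop the inherited
              # entries (preserveInheritance = $false); only the explicit rules
              # added above remain.
              # NOTE(review): if a rule above failed to apply, this step still
              # runs and can leave the folder without the intended access --
              # check the error output before relying on the result.
              $acl = Get-Acl -LiteralPath $folderPath
              $acl.SetAccessRuleProtection($true, $false)
              Set-Acl -LiteralPath $folderPath -AclObject $acl
          }
          else
          {
              # Existing folders are left untouched, ACL included.
              Write-Host "Folder already exists for $folderName"
          }
      }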