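# Transform the imported rows into a collection of status-tracking objects.
# Each row is read positionally: index 0 becomes the folder name and index 1 the
# additional account(s) that should get access.
# NOTE(review): $importfile and $Admins are defined outside this section; confirm
# their layout. Whoever can edit the import file decides who is granted access
# further down, so it should be writable by administrators only.
$Employees = New-Object System.Collections.ArrayList
foreach ($element in $importfile) {
    $pscustom = [pscustomobject]@{
        Folder      = $element[0]
        # Target access list: $Admins first, then the row's account(s), separated by ';'.
        ZugriffSoll = $Admins + "; " + $element[1]
        Status      = "pending"
    }
    # ArrayList.Add() returns the new index; discard it so it does not leak into
    # the script's output stream.
    [void]$Employees.Add($pscustom)
}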
# Read all entries below $Directory.
# Plan: folder name --> look up the supervisor --> set the permission.
# NOTE(review): without -Directory, Get-ChildItem also returns files, so a file
# whose name equals an employee's folder name would count as an existing folder.
$Folders = Get-ChildItem $Directory

# Classify every employee: "permission" when an entry with the same name exists
# below $Directory, "missing folder" otherwise.
foreach ($Entry in $Employees) {
    if ($Entry.Folder -in $Folders.Name) {
        $Entry.Status = "permission"
    }
    else {
        $Entry.Status = "missing folder"
    }
}
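# Set permissions for every employee whose folder exists (Status "permission").
# The rule settings are identical for all folders, so they are defined once.
# NOTE(review): FullControl also lets the grantee change the folder's permissions
# and take ownership. Confirm this is intended for every account in ZugriffSoll,
# or whether "Modify" would be sufficient.
$Rights = "FullControl"
$InheritSettings = "Containerinherit, ObjectInherit" # Controls how permissions are inherited by children
$PropogationSettings = "None" # Usually "None"; other values restrict the rule to children only
$RuleType = "Allow" # Allow or Deny

foreach ($Employee in $Employees | Where-Object { $_.Status -eq "permission" }) {
    $path = Join-Path -Path $Directory -ChildPath $Employee.Folder

    # Split the ';'-separated access list and drop empty entries. The original
    # filter "? $_.length -ne 0" evaluated $_ outside of a script block, where it
    # is not the current pipeline item.
    $Users = $Employee.ZugriffSoll.Split(";") |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_.Length -ne 0 }

    # Outcome for this folder. A failure is sticky: a later success must not
    # overwrite it, otherwise a partially applied access list is reported as "ok".
    $outcome = $null

    foreach ($User in $Users) {
        try {
            # -LiteralPath keeps characters such as '[' and ']' in a folder name from
            # being read as wildcards, which could address a different folder.
            # -ErrorAction Stop turns cmdlet errors into exceptions so that the
            # catch block really sees them.
            $acl = Get-Acl -LiteralPath $path -ErrorAction Stop

            # Removing previous access is not implemented. The earlier attempt was:
            #   $acl.access | ? {$_.IdentityReference.value -notlike "IMRECYCLING\IMR_Administratoren"} | %{$acl.RemoveAccessRule($_)}
            # NOTE(review): RemoveAccessRule does not remove inherited entries; that
            # would need inheritance to be disabled on the folder first
            # (SetAccessRuleProtection). Until then, the rules added here are
            # additive and access granted to other accounts earlier stays in place.

            $perm = $User, $Rights, $InheritSettings, $PropogationSettings, $RuleType
            $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $perm
            $acl.SetAccessRule($rule)
            $acl | Set-Acl -LiteralPath $path -ErrorAction Stop

            if ($outcome -ne "failed") {
                $outcome = "ok"
            }
        }
        catch {
            $outcome = "failed"
            # Report the reason instead of swallowing it, so that a failed change
            # can be traced to the folder and account it concerns.
            Write-Warning ("Setting access for '{0}' on '{1}' failed: {2}" -f $User, $path, $_.Exception.Message)
        }
    }

    # With an empty access list nothing was attempted and the status is left as it was.
    if ($outcome) {
        $Employee.Status = $outcome
    }
}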
# Emit every employee whose permission update failed, then wait for a line of input.
$Employees | Where-Object { $_.Status -eq "failed" }
Read-Host
- #Set read Permission for unique users