Powershell create folder and set ACL

Apolinar, Ayanes 1 Reputation point
2022-09-21T19:44:23.65+00:00

I have a need to create a user folder for about 500 users and rather than do it manually i would like to try using PowerShell. I have an csv file with a header called folder, this holds the username i.e. tuser which is what the folder should be named once created and that username should be added to the folder ACL with modify permissions in addition to inheriting the root permissions. I tried the script below but it did nothing not even errors. Any suggestions on how to best achieve this?

location where the folders will be created

Set-Location \fileserver\share$\Test

csv file with folder names

$Folders = Import-Csv C:\Temp\Scripts\newusers.csv

ForEach ($Folder in $Folders) {
New-Item $Folder.name -itemtype directory

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,407 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Michael Taylor 49,251 Reputation points
    2022-09-21T21:23:14.337+00:00

    Your foreach loop should be correctly creating the directories assuming your CSV file has a column header called name. Dump out the members of $Folder to see what it generated using $Folder | Get-Member. It is possible you just aren't getting the right value.

    After you've created the folder then you can adjust the ACLs using Set-Acl. I think the docs provide an example of this specific scenario here. Here's the sample with a few adjustments.

       $NewAcl = $Folder | Get-Acl  
       $identity = "<username from CVS, including domain if needed"  
       $fileSystemRights = "Write"  
       $type = "Allow"  
         
       $fileSystemAccessRuleArgumentList = $identity, $fileSystemRights, $type  
       $fileSystemAccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $fileSystemAccessRuleArgumentList  
         
       $NewAcl.SetAccessRule($fileSystemAccessRule)  
       $Folder | Set-Acl -AclObject $NewAcl  
    
    0 comments No comments

  2. Limitless Technology 44,001 Reputation points
    2022-09-23T10:36:14.83+00:00

    Hello there,

    You might get an error if the user running the script doesn't have permission on both the source and target folders.

    An ACL rule is split into five arguments:

    Rights
    Inheritance
    Propagation
    User
    Type

    To copy permissions, a user must own both the source and target folders. The following command will copy the permissions from the “Accounting” folder to the “Sales” folder:

    get-acl \fs1\shared\accounting | Set-Acl \fs1\shared\sales

    I hope this information helps. If you have any questions please let me know and I will be glad to help you out.

    -----------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments

  3. Apolinar, Ayanes 1 Reputation point
    2022-09-23T18:22:22.657+00:00

    Thanks for the replies. I got the first part working once i correctly named the csv header to match so the script is creating the folders correctly, now i am just working through the part of adding the user to the ACL. Unfortunately i cant copy the permissions from another folder because these are user folders so it would need to add the user (in my example tuser) with full permissions to the folder. The username "tuser" is in the csv since its the name of the folder that gets created.