Add ACL users and groups

Question

I have to add Users and groups manually to all folders inside a specific volumes (es: vol2).

I have tried the cript below that it seems all is working fine (it adds user1 and Group1) in all sub-folder ...

I was wondering : why I am receiving the error/warning below?

Exception calling "AddAccessRule" with "1" argument(s): "No flags can be set.

Parameter name: inheritanceFlags"

At line:16 char:17

+ ...             $ACL.AddAccessRule((New-Object System.Security.AccessCont ...

+ CategoryInfo          : NotSpecified: (:) [], MethodInvocationException

+ FullyQualifiedErrorId : ArgumentException

-----------SCRIPT------------

$FoldersPath =  Get-ChildItem -Recurse -Path "D:\test\Vol2"

foreach ($FolderPath in $FoldersPath){

 $Path=$FolderPath.Fullname

  $ACL = Get-Acl -Path $Path

                $ACL.SetAccessRuleProtection($false,$true)

                $ACL.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule("User1" , “read”, “ContainerInherit,ObjectInherit” ,"none", “Allow”)))

                $ACL.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule("Group1" , “FullControl”, “ContainerInherit,ObjectInherit” ,"none", “Allow”)))

                $ACL.AddAccessRule((New-

    }

Answer 1

I think you saw the error message Exception calling "AddAccessRule" with "1" argument(s): "No flags can be set. Parameter name: inheritanceFlags" because the script tried to set inheritanceFlags on files in your $fileList. If you do have to do it then the inheritanceFlags must be set to None, so it might be better to set acls on files and folders separately.

#folders

if( $Lists.PSIsContainer -eq $true ){ .... }

#files

else{ ... }

Answer 2

Hi Ian,

this suggestion worked:

#folders

if( $Lists.PSIsContainer -eq $true ){ .... }

#files

else{ ... }

I have another small issue related but I have opened another question for it

ACL groups - Microsoft Community

Thanks