Beni System.Security.Principal
... veya sınıfına ya da yöntemine ya da her ne olursa olsun yönlendiren JScott sayesinde , bazı alt klasörlerdeki ACL'leri kullanıcı ana dizinleri için uygun olanlarla değiştirmek için bir miktar PowerShell:
$Root = "Path to the root folder that holds all the user home directories"
$Paths = Get-ChildItem $Root | Select-Object -Property Name,FullName
$DAAR = New-Object system.security.accesscontrol.filesystemaccessrule("MyDomain\Domain Admins","FullControl","ContainerInherit, ObjectInherit","None","Allow")
#Domain Admin Access Rule.
$SysAR = New-Object system.security.accesscontrol.filesystemaccessrule("SYSTEM","FullControl","ContainerInherit, ObjectInherit","None","Allow")
#SYSTEM Access Rule.
foreach ($Folder in $Paths)
{
Write-Host "Generating ACL for $($folder.FullName) ... "
#For error handling purposes - not all folders will map to a user of the exact same name, this makes them easier to handle when viewing the output.
$ACL = New-Object System.Security.AccessControl.DirectorySecurity
#Creates a blank ACL object to add access rules into, also blanks out the ACL for each iteration of the loop.
$objUser = New-Object System.Security.Principal.NTAccount("MyDomain\"+$folder.name)
#Creating the right type of User Object to feed into our ACL, and populating it with the user whose folder we're currently on.
$UserAR = New-Object system.security.accesscontrol.filesystemaccessrule( $objuser ,"FullControl","ContainerInherit, ObjectInherit","None","Allow")
#Access Rule for the user whose folder we're dealing with during this iteration.
$acl.SetOwner($objUser)
$acl.SetAccessRuleProtection($true, $false)
#Change the inheritance/propagation settings of the folder we're dealing with
$acl.SetAccessRule($UserAR)
$acl.SetAccessRule($DAAR)
$acl.SetAccessRule($SysAR)
Write-Host "Changing ACL on $($folder.FullName) to:"
$acl | fl
#For error handling purposes - not all folders will map to a user of the exact same name, this makes them easier to handle when viewing the output.
Set-Acl -Path $Folder.Fullname -ACLObject $acl
}
\"
tırnak işaretinden kaçıyor, ve CSS berbat durumda!