Hello!
We're having a problem with this script. When we run it without the ForEach-loop it works fine and sets the permissions and ownership on the folder, subfolders and files. But when we add the ForEach, it stops setting the ownership correctly. In the .txt-file, for testing purposes, we have the names of only two folders/users on each line. The script doesn't give any errors, but don't seem to make any changes to the ownership.
Me an my collegue are out of ideas as to what may cause this, so do anyone have any ideas what might be happening?
Powershell
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | ForEach($userinGet-Content"\\edufile12\c$\script\user.txt"){#RedirectsGet-Acl\\edufile12\Redirects$\$user|Format-List|Out-String$acl=Get-Acl"\\edufile12\Redirects$\$user"$acl.SetAccessRuleProtection($True,$False)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("EDU\$user","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.RemoveAccessRuleAll($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("EDU\Domain Admins","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("CREATOR OWNER","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("SYSTEM","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("edu\$user","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl.AddAccessRule($rule)$acct=New-ObjectSystem.Security.Principal.NTAccount("edu\$user")$acl.SetOwner($acct)Set-Acl\\edufile12\Redirects$\$user$aclGet-Acl\\edufile12\Redirects$\$user|Format-List|Out-String#ProfilesGet-Acl\\edufile12\Profiles$\$user|Format-List|Out-String$acl2=Get-Acl"\\edufile12\Profiles$\$user"$acl2.SetAccessRuleProtection($True,$False)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl2.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("EDU\Domain Admins","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl2.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("CREATOR OWNER","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl2.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("SYSTEM","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl2.AddAccessRule($rule)$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("edu\$user","FullControl","ContainerInherit, ObjectInherit","None","Allow")$acl2.AddAccessRule($rule)$acct2=New-ObjectSystem.Security.Principal.NTAccount("edu\$user")$acl2.SetOwner($acct2)Set-Acl\\edufile12\Profiles$\$user$acl2Get-Acl\\edufile12\Profiles$\$user|Format-List|Out-String#Skapa flaggfil för Roberts GPONew-Item\\edufile12\Redirects$\$user\flag_request_reset_contacts.txt-typefile-force-value"Flagfile for Contacts cleanup. Created by \\edufile12\c$\scripts\Set-EDUuserACL.ps1"} |
