-
Notifications
You must be signed in to change notification settings - Fork 2
Module NTFSSecurity
Sébastien Maltais edited this page Apr 27, 2020
·
30 revisions
Windows PowerShell Module for managing file and folder security on NTFS volumes
Prerequisites: Powershell 5.1 and Internet
Install-Module -name NTFSSecurity
# Folder for ntfs right scan
$file_or_folder = "\\srv-world01\it_share"
Get-NTFSAccess -Path $file_or_folder# Folder
$folder = "\\server01\it_share"
# Access Right (Read,Modify,FullControl)
$right = "read"
# Active Directory Users and Groups
$account = @("alec.wyatt","barrett.nunez")
# Add the NTFS permission to the folder and -appliesto is dynamic when you type the command
Add-NTFSAccess –Path $folder –Account $account –AccessRights $right -AppliesTo SubfoldersOnly# Folder
$folder = "\\server04\it_share"
# Access Right (Read,Modify,FullControl)
$right = "read"
# Active Directory Users and Groups
$account = @("alec.wyatt","barrett.nunez")
# Remove NTFS Right
Remove-NTFSAccess –Path $folder –Account $account –AccessRights $right# File
$file = "\\server01\it_share\atome.txt"
# Access Right (Read,Modify,FullControl)
$right = "modify"
# Active Directory Users and Groups
$account = @("alec.wyatt","barrett.nunez")
# Add NTFS right to the file
Add-NTFSAccess –Path $file –Account $account –AccessRights $right# File
$file = "\\server01\it_share\atome.txt"
# Access Right (Read,Modify,FullControl)
$right = "modify"
# Active Directory Users and Groups
$account = @("alec.wyatt","barrett.nunez")
# Remove the NTFS right on the folder
remove-NTFSAccess –Path $file –Account $account –AccessRights $right# Source folder
$source = "c:\power\it_share"
# Destination folder
$destination = "\\server05\it_new_share"
# Get NTFS right from the source and apply them to the destination
Get-NTFSAccess –Path $source | Add-NTFSAccess -path $destinationNTFS Disaster recovery: This script restore the NTFS permission to default owner on the home folder of the user. The script get the username from the name in the user home folder name.
# Home folder root
$home_folder = "\\server01\home\"
# Create a list of user home folder
$users_home_list = Get-ChildItem -path $home_folder
# loop!
foreach($user_home in $users_home_list){
# Extract the username from the folder name
$user = $user_home.name
# Path of the user home folder
$user_home_path = $user_home.fullname
# Add user as the owner of the folder
Set-NTFSOwner -Account $user -Path $user_home_path
# Add the user Full control permission on the folder
Add-NTFSAccess –Account $user –path $user_home_path –AccessRights FullControl
}