Backup and Restore File/Folder Security Permissions
Backup Permissions
To store a copy of the current permissions we run Get-Acl, to get the permissions for a folder, then store it in a variable.
$Rights = Get-Acl -Path "C:\Path\To\Folder"You can now run $Rights in the PowerShell window to see the current permissions.
Add to the existing permissions
$username = "FLast"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($username,"FullControl","ContainerInherit, ObjectInherit","None","Allow")
$rights.SetAccessRule($AccessRule)
Set-Acl -Path "C:\Path\To\Folder" -AclObject $rightsGoing through the script by line:
- Define who we are permitting to access the folder
- Define the permissions we are setting. Here is each variable in the command:
- The name of a user account or group we are assigning the permissions to.
- One of the FileSystemRights values that define the type of operation associated with the access rule.
- One of the InheritanceFlags values that defines how access masks are propagated to child objects.
- One of the PropagationFlags values that defines how Access Control Entries (ACEs) are propagated to child objects.
- If we are allowing or denying the specified permissions.
- Add the above access rule to the permissions we will apply
- Apply the new permissions to the folder