Applying NTFS Access Rules

by Mar 21, 2014

There are many ways to add or change NTFS permissions. One is to reuse existing tools such as icacls.exe.

This function will create new folders that have default permissions. The script uses icacls.exe to explicitly add full permissions to the current user and read permisssions to local Administrators:

function New-Folder 
{
  param
  (
    [String]
    $path,
    
    [String]
    $username = "$env:userdomain\$env:username"
  )
  
  If ( (Test-Path -Path $path) -eq $false ) 
  {
    New-Item $path -Type Directory | Out-Null
  }
  
  icacls $path /inheritance:r /grant '*S-1-5-32-544:(OI)(CI)R' ('{0}:(OI)(CI)F' -f $username)
} 

Twitter This Tip! ReTweet this Tip!