powershell - Modifying folder permissions -

need little help. script not changing permissions @ all.

i want make name of folder owner of folder full rights.

$foldernames = (get-childitem \\knesmbmdc001\profiles).name $user = "$foldernames" $usercount = 0 foreach($name in $foldernames) { if ($usercount -le 5) {     try     {          $rule = new-object system.security.accesscontrol.filesystemaccessrule($user,"fullcontrol", "containerinherit, objectinherit", "none", "allow")         $acl = get-acl $name         $acl.addaccessrule($rule)         set-acl $name $acl     }     catch     {     add-content c:\user_done.txt $name     } } }  

the immediate problems script:

• the first argument passed new-object system.security.accesscontrol.filesystemaccessrule should $name, not $user.

• your add-content call write log file should not in catch clause, log if acl operation did not succeed.

• by having no other statements in catch clause, exceptions ignored.

• you're passing mere folder names cmdlets expect paths (get-acl, set-acl), works if current location happens folder's parent location.

here's reformulation of script should work intended:

$dir = '\\knesmbmdc001\profiles' $logfile = 'c:\user_done.txt' get-childitem -directory $dir | % {     $user = $_.name     $acl = get-acl -literalpath $_     $rule = new-object system.security.accesscontrol.filesystemaccessrule $user, "fullcontrol", "containerinherit, objectinherit", "none", "allow"     $acl.addaccessrule($rule)     set-acl -literalpath $_ -aclobject $acl     add-content $logfile $user  } 

note, however, while will give full control target user, does not make them owner of folder.

to change ownership, try following (replace $rule=... , $acl.addaccessrule... commands):

$useridentity = new-object system.security.principal.ntaccount $user $acl.setowner($useridentity) 

this worked me local user account while running elevated privileges, ymmv.