Fyi. I did try the powershell forum but did not get any reply's. Can anyone
help me out here?
I need to figure out how to remove all permissions from a folder then add
"domain admins". History: We are about to begin a data migration from
multiple file servers to one nas-head. Everything we need to do to automate
the migration is completed in a powershell script I have been working on
expect for removing permissions on the old directory. Right now things are
messed up where multiple people have access to other people's home drives.
That is changing with this migration. To insure the data does not change in
the old location once we migrate the data we want to strip all permissions
expect for domain admins. This also insures if there is a problem with the
migration we will have access to the old (backup) data right away.
The script right now exports any user in a set OU where their homeDirectory
does not equal \\newShare\share\%username%
<file:///\\newShare\share\%25username%25> to a csv file along with their AD
account name and current homeDirectory.
What I need to do for removing permissions;
Done - Input csv file of users home directory and parse each record
Done - Get-acl for each homeDirectory
No Clue - Remove each users access from each homeDirectory
Done - Add acl for "domain Admins"
Done - Commit or set-acl.
Example of exported file:
"test02","\\oldShare\share\test02
What I am thinking...
$ADusers = "file location"
#Import AdUser to remove permissions
$colResult = Import-Csv $ADUsers
#parse each record for home directories
foreach ($objHomeDirectory in $colResult)
{
#reterive ACL list of current users homeDirectory
$acl = Get-Acl ($objHomeDirectory.HomeDirectory)
### At this point $acl should hold the ACL list for all users that have
permissions to \\oldShare\share\test02 <file:///\\oldShare\share\test02>
### I am just not sure what to do with it to remove permissions.
###
#parse each $acl record and remove permissions
Foreach ...........
Thank you,
Bob
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
