+ Post New Thread
Results 1 to 2 of 2
Scripts Thread, VBS or powershell to add mutiple groups to network share in Coding and Web Development; I used icacls to generate share permissions. I can add a user or a group to the share permissions but ...
  1. #1

    Join Date
    Oct 2013
    Posts
    3
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    VBS or powershell to add mutiple groups to network share

    I used icacls to generate share permissions.
    I can add a user or a group to the share permissions but I cannot add multiple users or groups to a share at the same time in vbs or icalcls.
    @echo offset /p username=Enter username:echo Select permissions :echo N - no accessecho F - full accessecho M - modify accessecho RX - read and exeecho R - read-only accecho W - write-only acecho D - delete accessecho.set /p perm=Enter permissions:if %perm%==Ficacls "C:\Users\%username%" /grant:r "%username%OI)(CI)F"

  2. #2

    Join Date
    Apr 2013
    Posts
    2
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Here are two PowerShell scripts I wrote for setting up a folder with multiple shares for different users.

    For setting the NTFS permissions to the folders:

    Code:
    cd "C:\root\folder\where\shares\are\located"
    
    $acls = get-acl "C:\root\folder\where\shares\are\located\*"
    $folder = gci "C:\root\folder\where\shares\are\located"
    
    ForEach ($acl in $acls){
    $arg = New-Object System.Security.AccessControl.FileSystemAccessRule("domain\user","FullControl","ContainerInherit, ObjectInherit","None","Allow")
    $acl.SetAccessRule($arg)
    Set-Acl $folder $acl
    }
    You can simplify this down to:

    Code:
    $acl = get-acl "folder"
    $arg = New-Object System.Security.AccessControl.FileSystemAccessRule("domain\user","FullControl","ContainerInherit, ObjectInherit","None","Allow")
    $acl.SetAccessRule($arg)
    Set-Acl "folder" $acl
    To elaborate a bit on the AccessRule it is taking the user, then what control they have, whether or not it is inheriting various permissions '"ContainerInherit, ObjectInherit","None"' and "Allow" is for the permission specified before, being "FullControl".

    I couldn't get multiple groups for acl to work very well for me. To do this I would re-do the prior loop with the other user as another script block.


    For sharing the folders and setting their share permissions:

    Code:
    $folders = gci
    
    ForEach ($folder in $folders) {
    $path = "Z:\path\to\folder\$user"
    $user = $folder
    net share $user$=$path "/GRANT:domain\user,full" "/GRANT:domain\group,full"
    }
    Again this can be simplified to just:

    Code:
    net share sharename=Z:\path\to\share "/GRANT:domain\user,full" "/GRANT:domain\group,full"
    Just keep adding on "/GRANT:domain\userorgroup,read or write or full" as you need.

    There probably is a more elegant way of doing this, but this is something I came up with rather quickly on the spot to get the shares done in time.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 1
    Last Post: 27th February 2012, 11:44 AM
  2. Replies: 0
    Last Post: 20th October 2011, 12:45 PM
  3. Easy way to add SMART Gallery to SMART Notebook?
    By CM786 in forum Educational Software
    Replies: 7
    Last Post: 24th March 2010, 01:21 PM
  4. [Fog] How to Add boot images to the PXE Menu
    By ChrisH in forum O/S Deployment
    Replies: 6
    Last Post: 25th September 2009, 08:24 PM
  5. Script to add a group to a group
    By Quackers in forum Windows
    Replies: 8
    Last Post: 9th December 2008, 10:27 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •