You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Add-NTFSAccess.md 8.2 KiB

5 years ago
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240
  1. ---
  2. external help file: NTFSSecurity.dll-Help.xml
  3. Module Name: ntfssecurity
  4. online version:
  5. schema: 2.0.0
  6. ---
  7. # Add-NTFSAccess
  8. ## SYNOPSIS
  9. Adds an access control entry (ACE) to an object.
  10. ## SYNTAX
  11. ### PathComplex (Default)
  12. ```
  13. Add-NTFSAccess [-Path] <String[]> [-Account] <IdentityReference2[]> [-AccessRights] <FileSystemRights2>
  14. [-AccessType <AccessControlType>] [-InheritanceFlags <InheritanceFlags>]
  15. [-PropagationFlags <PropagationFlags>] [-PassThru] [<CommonParameters>]
  16. ```
  17. ### PathSimple
  18. ```
  19. Add-NTFSAccess [-Path] <String[]> [-Account] <IdentityReference2[]> [-AccessRights] <FileSystemRights2>
  20. [-AccessType <AccessControlType>] [-AppliesTo <ApplyTo>] [-PassThru] [<CommonParameters>]
  21. ```
  22. ### SDSimple
  23. ```
  24. Add-NTFSAccess [-SecurityDescriptor] <FileSystemSecurity2[]> [-Account] <IdentityReference2[]>
  25. [-AccessRights] <FileSystemRights2> [-AccessType <AccessControlType>] [-AppliesTo <ApplyTo>] [-PassThru]
  26. [<CommonParameters>]
  27. ```
  28. ### SDComplex
  29. ```
  30. Add-NTFSAccess [-SecurityDescriptor] <FileSystemSecurity2[]> [-Account] <IdentityReference2[]>
  31. [-AccessRights] <FileSystemRights2> [-AccessType <AccessControlType>] [-InheritanceFlags <InheritanceFlags>]
  32. [-PropagationFlags <PropagationFlags>] [-PassThru] [<CommonParameters>]
  33. ```
  34. ## DESCRIPTION
  35. Adds an access control entry (ACE) to an object such as a file or folder. Other examples would be an object inside of Active Directory.
  36. ## EXAMPLES
  37. ### Example 1
  38. ```powershell
  39. PS C:\> Add-NTFSAccess -Path C:\Data -Account 'NT AUTHORITY\Authenticated Users' -AccessRights Read
  40. ```
  41. The above command gives the read permissions to the built-in group of 'Authenticated users'
  42. ## PARAMETERS
  43. ### -AccessRights
  44. The AccessRights parameter designates the permissions to assign. There are individual permissions as well as 'basic' permissions. See the below table for how the basic permissions permissions map the the advanced permissions.
  45. | Permissions | Basic Full Control | Basic Modify | Basic Read & Execute | Basic List Folder Contents | Basic Read | Basic Write |
  46. |:---------------------------: |:------------------: |:------------: |:--------------------: |:--------------------------: |:----------: |:-----------: |
  47. | Travers Folder/Execute | X | X | X | X | | |
  48. | List Folder/ Read Data | X | X | X | X | X | |
  49. | Read Attributes | X | X | X | X | X | |
  50. | Read Extended Attributes | X | X | X | X | X | |
  51. | Create Files/Write Data | X | X | | | | X |
  52. | Create Folders/Append Data | X | X | | | | X |
  53. | Write Attributes | X | X | | | | X |
  54. | Write Extended Attributes | X | X | | | | X |
  55. | Delete Subfolders and Files | X | | | | | |
  56. | Delete | X | X | | | | |
  57. | Read Permissions | X | X | X | X | X | X |
  58. | Change Permissions | X | | | | | |
  59. | Take Ownership | X | | | | | |
  60. | Synchronize | X | X | X | X | X | X |
  61. ```yaml
  62. Type: FileSystemRights2
  63. Parameter Sets: (All)
  64. Aliases: FileSystemRights
  65. Accepted values: None, ReadData, ListDirectory, WriteData, CreateFiles, AppendData, CreateDirectories, ReadExtendedAttributes, WriteExtendedAttributes, ExecuteFile, Traverse, DeleteSubdirectoriesAndFiles, ReadAttributes, WriteAttributes, Write, Delete, ReadPermissions, Read, ReadAndExecute, Modify, ChangePermissions, TakeOwnership, Synchronize, FullControl, GenericAll, GenericExecute, GenericWrite, GenericRead
  66. Required: True
  67. Position: 3
  68. Default value: None
  69. Accept pipeline input: True (ByPropertyName)
  70. Accept wildcard characters: False
  71. ```
  72. ### -AccessType
  73. The AccessType parameter determines if the ACE allows or denies the permissions assigned.
  74. ```yaml
  75. Type: AccessControlType
  76. Parameter Sets: (All)
  77. Aliases: AccessControlType
  78. Accepted values: Allow, Deny
  79. Required: False
  80. Position: Named
  81. Default value: None
  82. Accept pipeline input: True (ByPropertyName)
  83. Accept wildcard characters: False
  84. ```
  85. ### -Account
  86. {{ Fill Account Description }}
  87. ```yaml
  88. Type: IdentityReference2[]
  89. Parameter Sets: (All)
  90. Aliases: IdentityReference, ID
  91. Required: True
  92. Position: 2
  93. Default value: None
  94. Accept pipeline input: True (ByPropertyName)
  95. Accept wildcard characters: False
  96. ```
  97. ### -AppliesTo
  98. {{ Fill AppliesTo Description }}
  99. ```yaml
  100. Type: ApplyTo
  101. Parameter Sets: PathSimple, SDSimple
  102. Aliases:
  103. Accepted values: ThisFolderOnly, ThisFolderSubfoldersAndFiles, ThisFolderAndSubfolders, ThisFolderAndFiles, SubfoldersAndFilesOnly, SubfoldersOnly, FilesOnly, ThisFolderSubfoldersAndFilesOneLevel, ThisFolderAndSubfoldersOneLevel, ThisFolderAndFilesOneLevel, SubfoldersAndFilesOnlyOneLevel, SubfoldersOnlyOneLevel, FilesOnlyOneLevel
  104. Required: False
  105. Position: Named
  106. Default value: None
  107. Accept pipeline input: True (ByPropertyName)
  108. Accept wildcard characters: False
  109. ```
  110. ### -InheritanceFlags
  111. {{ Fill InheritanceFlags Description }}
  112. ```yaml
  113. Type: InheritanceFlags
  114. Parameter Sets: PathComplex, SDComplex
  115. Aliases:
  116. Accepted values: None, ContainerInherit, ObjectInherit
  117. Required: False
  118. Position: Named
  119. Default value: None
  120. Accept pipeline input: True (ByPropertyName)
  121. Accept wildcard characters: False
  122. ```
  123. ### -PassThru
  124. {{ Fill PassThru Description }}
  125. ```yaml
  126. Type: SwitchParameter
  127. Parameter Sets: (All)
  128. Aliases:
  129. Required: False
  130. Position: Named
  131. Default value: None
  132. Accept pipeline input: False
  133. Accept wildcard characters: False
  134. ```
  135. ### -Path
  136. {{ Fill Path Description }}
  137. ```yaml
  138. Type: String[]
  139. Parameter Sets: PathComplex, PathSimple
  140. Aliases: FullName
  141. Required: True
  142. Position: 1
  143. Default value: None
  144. Accept pipeline input: True (ByPropertyName, ByValue)
  145. Accept wildcard characters: False
  146. ```
  147. ### -PropagationFlags
  148. {{ Fill PropagationFlags Description }}
  149. ```yaml
  150. Type: PropagationFlags
  151. Parameter Sets: PathComplex, SDComplex
  152. Aliases:
  153. Accepted values: None, NoPropagateInherit, InheritOnly
  154. Required: False
  155. Position: Named
  156. Default value: None
  157. Accept pipeline input: True (ByPropertyName)
  158. Accept wildcard characters: False
  159. ```
  160. ### -SecurityDescriptor
  161. {{ Fill SecurityDescriptor Description }}
  162. ```yaml
  163. Type: FileSystemSecurity2[]
  164. Parameter Sets: SDSimple, SDComplex
  165. Aliases:
  166. Required: True
  167. Position: 1
  168. Default value: None
  169. Accept pipeline input: True (ByPropertyName, ByValue)
  170. Accept wildcard characters: False
  171. ```
  172. ### CommonParameters
  173. This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
  174. ## INPUTS
  175. ### System.String[]
  176. ### Security2.FileSystemSecurity2[]
  177. ### Security2.IdentityReference2[]
  178. ### Security2.FileSystemRights2
  179. ### System.Security.AccessControl.AccessControlType
  180. ### System.Security.AccessControl.InheritanceFlags
  181. ### System.Security.AccessControl.PropagationFlags
  182. ### Security2.ApplyTo
  183. ## OUTPUTS
  184. ### Security2.FileSystemAccessRule2
  185. ## NOTES
  186. ## RELATED LINKS