我要评论默认目录的权限是继承父目录的,你当然可以关闭它的继承和分配指定的权限。
下面例子创建了“permissionnoinheritance”的文件夹,允许当前用户读取,同时管理员组获得其所有管理权限,并关闭它的继承。
# create folder $path = 'c:\permissionnoinheritance' $null = new-item -path $path -itemtype directory -erroraction silentlycontinue # get current permissions $acl = get-acl -path $path # add a new permission for current user $permission = $env:username, 'read,modify', 'containerinherit, objectinherit', 'none', 'allow' $rule = new-object -typename system.security.accesscontrol.filesystemaccessrule -argumentlist $permission $acl.setaccessrule($rule) # add a new permission for administrators $permission = 'administrators', 'fullcontrol', 'containerinherit, objectinherit', 'none', 'allow' $rule = new-object -typename system.security.accesscontrol.filesystemaccessrule -argumentlist $permission $acl.setaccessrule($rule) # disable inheritance $acl.setaccessruleprotection($true, $false) # set new permissions $acl | set-acl -path $path
发表评论