This post is more than 5 years old
2 Posts
0
9053
Setting ACLs via powershell
Hello,
We're trying to automate creation of folders via powershell. After running through our script to get the right share, folder, etc we are calling this powershell script: http://www.powershell.nu/wp-content/uploads/2009/02/setfolderpermission.ps1
The command successfully can see if a folder exists and can create a folder however the "SetACL" function returns:
Creating \\SERVER\SHARE$\PATHINFO\USERX
Adding Permission: FullControl For: USERX
Set-Acl : Attempted to perform an unauthorized operation.
At C:\ISLONSCRIPTS\set-folderpermission.ps1:93 char:9
+ Set-Acl <<<< -aclobject $GetACL -Path $Path
+ CategoryInfo : PermissionDenied: (\\SERVER\SHARE$\PATHINFO\USERX:String) [Set-Acl], UnauthorizedA
ccessException
+ FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.SetAclCommand
It doesn't appear that the ISILON is responding to the "Set-Acl" cmdlet as expected. However through the windows GUI, this same permission can be granted using the same userid that the script is being run (so I don't think its a permissions issue).
I've also attempted to do some simple testing of the cmdlets using the examples from the TechNet site: http://technet.microsoft.com/en-us/library/hh849810.aspx
Get-Acl seems to return user access, ownership information, etc as expected. I also attempted to copy a set of ACLs from one folder on the isilon to another following example 1 from the above powershell Set-ACL site (cat and dog) however I still get the exact error as the setfoldermission.ps1 powershell script.
Any ideas/suggestions?
Casey Moore
2 Posts
0
September 6th, 2013 12:00
Working with an Isilon Rep we were given this info:
Administrators require "run as root" permission to run the setacl.exe utility on an Isilon cluster that is mapped as a network drive.
So we upgraded the user permission level on the Isilon for the user running the script to "run as root" and that fixed it.