Howto set permissions on disk under mountpoint powershell?
I have three file servers and need to automate tasks regarding setting permissions on folders on these.
I have no problems setting permissions on the folders of the mountpoints, but cannot find a way to do this on root on the physical disks under the mountpoints. Via the GUI, you can do this task using two different methods.
1. Via disk management locally on the fileserver(rightclick on physical disk-> security
2. Right-click on mount point -> properties of mount point -> security ( if this is done on a remote server the properties button is greyed out)
How can this be done in powershell? Will it be possible to do from a remote server? I have tried this so far:
$server = fileserver1
$dep = testmp
$depgroup= "domain\testgroup"
$disk = Get-WmiObject Win32_Volume -Computer $server -Filter "Label = '$dep'"
$path = $disk + (Missing something here to get the job done)
$perm_string = $depgroup + ":(OI)(CI)(RX)"
icacls $path /grant $perm_string | Out-Null
May 15th, 2013 12:12pm
Hi,
Check if you havem't checed
http://jthys.wordpress.com/2010/09/04/microsoft-volume-mount-points-list-folder-permissions/
http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/378d6841-4d9c-432d-a94f-f8057b64c024Kottees : My Blog : Please mark it as an answer if it really helps you.
Free Windows Admin Tool Kit Click here and download it now
May 15th, 2013 2:45pm
Hi,
Check if you havem't checed
http://jthys.wordpress.com/2010/09/04/microsoft-volume-mount-points-list-folder-permissions/
http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/378d6841-4d9c-432d-a94f-f8057b64c024
Kottees : My Blog : Please mark it as an answer if it really helps you.
First link has nothing to do with my problem. This guy had a problem with the link between a mount point and the the disk underneath. This is created automatically if you make the mountpoint from disk management.
Second link does the thing alright, but the problem is to get the volumeID from a remote server. This script is probably run locally.
I can get the volume by using
$disk = Get-WmiObject Win32_Volume -Computer $server -Filter "Label = '$dep'"
Then how do I get to the volumeID without breaking the link to the server? Maybe gwmi is not the right way to do this? This is the output of the above command, what to use and how to use it that
is the question?
__GENUS : 2
__CLASS : Win32_Volume
__SUPERCLASS : CIM_StorageVolume
__DYNASTY : CIM_ManagedSystemElement
__RELPATH : Win32_Volume.DeviceID="\\\\?\\Volume{86fa08c3-a268-11e0-a967-005056b80077}\\"
__PROPERTY_COUNT : 44
__DERIVATION : {CIM_StorageVolume, CIM_StorageExtent, CIM_LogicalDevice, CIM_LogicalElement...}
__SERVER : FILESERVER1
__NAMESPACE : root\cimv2
__PATH : \\FILESERVER1\root\cimv2:Win32_Volume.DeviceID="\\\\?\\Volume{86fa08c3-a268-11e0-a967-005056b80077}\\"
Access :
Automount : True
Availability :
BlockSize : 4096
BootVolume : False
Capacity : 134214578176
Caption : E:\TestMP\
Compressed : False
ConfigManagerErrorCode :
ConfigManagerUserConfig :
CreationClassName :
Description :
DeviceID : \\?\Volume{86fa08c3-a268-11e0-a967-005056b80077}\
DirtyBitSet : False
DriveLetter :
DriveType : 3
ErrorCleared :
ErrorDescription :
ErrorMethodology :
FileSystem : NTFS
FreeSpace : 133199343616
IndexingEnabled : True
InstallDate :
Label : TESTMP
LastErrorCode :
MaximumFileNameLength : 255
Name : E:\TESTMP
NumberOfBlocks :
PageFilePresent : False
PNPDeviceID :
PowerManagementCapabilities :
PowerManagementSupported :
Purpose :
QuotasEnabled : False
QuotasIncomplete : False
QuotasRebuilding : False
SerialNumber : 3960653145
Status :
StatusInfo :
SupportsDiskQuotas : True
SupportsFileBasedCompression : True
SystemCreationClassName :
SystemName : FILESERVER1
SystemVolume : False
May 15th, 2013 5:00pm
Well, I have investigated a little further, and have found out that by using invoke-command I can run the command on a remote server. But I am not able to run the command with the variables I provide. This boils down to powershell syntax, and I have
used every possible combination to get this straight but to no avail.
$server = fileserver1
$dep = testmp
$depgroup= "domain\testgroup"
$disk = Get-WmiObject Win32_Volume -Computer $server -Filter "Label = '$dep'"
$path = $disk.DeviceID
$perm_string = $depgroup + ":(OI)(CI)(RX)"
Invoke-Command -computer $server -scriptblock {& icacls $path /grant $perm_string} <- This does not work
The last command works if I write it like this:
Invoke-Command -computer $server -scriptblock {& icacls '\\?\Volume{86fa08c3-a268-11e0-a967-005056b80077}\ /grant 'testgroup:(OI)(CI)(RX)'}
Both the $path and the $perm_string shows the correct values.
Free Windows Admin Tool Kit Click here and download it now
May 16th, 2013 3:25pm
Hi,
Maybe this will help:
http://blogs.msdn.com/b/powershell/archive/2009/12/29/arguments-for-remote-commands.aspx
May 19th, 2013 7:48pm