Hi
I've been working on a script to remove permissions from folders. I use get-acl and set-acl for this. However, get-acl returns the same rule name two or even three times.
Code:
Function Remove($P1)
{
#---Param
[String]$Folder = $P1
[String]$RuleString = ""
#---Disable inheritance
DisableInhertiance $Folder
$ACL = Get-ACL $Folder
$AllRules = $ACL.Access | Select-Object -ExpandProperty IdentityReference
ForEach($Rule in $AllRules)
{
Write-Host $Rule
if($Rule -notmatch "admin" -and $Rule -match "PFS\\")
{
$RuleString = $Rule
$ACL.Access | Where {$_.IdentityReference -eq $RuleString} | %{$ACL.RemoveAccessRule($_)}
Try
{
Set-Acl $Folder $ACL -ErrorActionPreference SilentlyContinue
}
Catch
{
WriteToLog "Rule $RuleString couldn't be removed from folder $Folder."
}
}
}
}Any ideas here?
Regards