Home > Enterprise >  Set folders permissions with a foreach using a csv
Set folders permissions with a foreach using a csv

Time:10-01

Based in a csv file like this i create this users and his folder:

user,password,name
fcuadrado,P@assword,Paco Cuadrado
rita,1234@ASIR,Rita la cantaora
ccoton,Asir1234,Carmelo Conton

i create the users in localhost:

foreach ($users in (Import-Csv .\usuarios.csv)){
$securepassword = ConvertTo-SecureString  "$users.password" -AsPlainText -Force
New-LocalUser -Name $users.user-Password $securepassword-FullName $users.name
}

And the folders:

foreach ($users in (Import-Csv .\users.csv)){
New-Item -Name $users.user-Path C:\users-ItemType Directory
}

I was trying this but the loop cant cath the user from the csv

 foreach ($users in (Import-Csv .\users.csv)){
    $acl = Get-Acl -Path c:\users\$($users.user)
    $acl.SetAccessRuleProtection($true,$false)
    $acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null }
    $ace = New-Object System.Security.Accesscontrol.FileSystemAccessRule ($($users.user), "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow")
    $acl.AddAccessRule($ace)
    Set-Acl -Path "c:\users\$($users.user)" -AclObject $acl
    }

I want to set the permissions with the foreach that i used to create the folders and users. once the users problem is fixed, it does not loop me for each user and gives the permissions of all folders to a user instead of each user with a folder name as its user

Get-Acl -Path c:\usuarios\fcuadrado

This give me the permissions to ccoton.

CodePudding user response:

There are a couple of problems you need to look at.
The first one is your CSV file. In the example you are using a comma as a delimiter.
Depending on the culture your PS is running on, the delimiter could be different. So explicitly declare it using the -Delimiter parameter:

$userData = Import-Csv -Path '.\usuarios.csv' -Delimiter ','

After that, check if $userData is indeed a PSObject or an array of, so you can call the properties directly.

Second problem is with your parameter declaration at New-LocalUser.
Object properties cannot be accessed inside a string without isolation.
This is wrong:

New-LocalUser -Name "$user.User" -Password $secpass -FullName "$user.Name"

This works:

New-LocalUser -Name $user.User -Password $secpass -FullName $user.Name

# Alternatively
New-LocalUser -Name "$($user.User)" -Password $secpass -FullName "$($user.Name)"

CodePudding user response:

Then why use multiple foreach loops anyway and not simply do all inside one foreach loop?

foreach ($user in (Import-Csv .\users.csv)) {
    $account = $user.user  # just for convenience
    $securepassword = $user.password | ConvertTo-SecureString -AsPlainText -Force
    New-LocalUser -Name $account -Password $securepassword -FullName $user.name

    # create the path for the userfolder and store in a variable for re-use
    $userFolder = Join-Path -Path 'C:\Users' -ChildPath $account
    $null = New-Item -Path $userFolder -ItemType Directory -Force

    $acl = Get-Acl -Path $userFolder
    $acl.SetAccessRuleProtection($true, $false)
    $acl.Access | ForEach-Object { $acl.RemoveAccessRule($_) | Out-Null }
    $ace = [System.Security.Accesscontrol.FileSystemAccessRule]::new($account, "FullControl", "ContainerInherit,ObjectInherit", "InheritOnly", "Allow")
    $acl.AddAccessRule($ace)
    $acl | Set-Acl -Path $userFolder 
}

Page link:https//www.codepudding.com/Enterprise/562257.html

Prev:How do you use the LastEvaluatedKey as the ExclusiveStartKey in AWS CLI
Next:Extract the values of a column and put then into an array
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding