What the script Does –
Task 1 –
- It Creates Folder
- It creates an Active Directory Group Folder_R (Read Groups)
- It creates an Active Directory Group Folder_W (Write Groups)
- Notes Field Updated with Service Request
- Managed By Field is Updated with the folder owner
Yo have the Groups Created.
Notes Updated in the Group
Sets the Managed By Attribute
Current Folder Permission –
Task 2 –
- Removes Root Folder Inheritance
- Remove Access of BUILTIN\Users from the Folder
- Places a Deny Permission for FolderName_W Groups so they cannot delete the root folder.
- Add OWNER RIGHTS
- Provides Read permission on the folder for FolderName_R group.
- Provides Write permission on the folder for FolderName_W group.
Things to be updated in the Script –
- Folder Paths
Do Proper Testing. Permissions are Scary. Use it wisely with proper Knowledge of the environment.
Run it on LAB before being run on production.
- Using SamAccount Name to Remove Folders from FileServer
- Invoking Scripts from Different Servers