Score:0

Error while transferring file permissions

cn flag

I ran into a problem, wrote a script that compresses pdf files through a program and transfers rights to a new file by copying from the old one to differentiate access to new files. Here is the part of the code that I have is the problem

$owner = $origFile.GetAccessControl().GetOwner([System.Security.Principal.SecurityIdentifier])
             $newFile = Get-Item -Path $PathoutFile
             $FileSecurity = new-object System.Security.AccessControl.FileSecurity
             $FileSecurity.SetOwner($owner)
             [System.IO.File]::SetAccessControl($newFile, $FileSecurity)
             Get-Acl -Path $origFile | Set-Acl -Path $newFile

My problem is this: I execute the script using domain administrator privileges, everything works fine. If I use a domain user account and grant maximum rights to the directory, a compressed file is saved in it, and in this case I get the error “Attempt to perform an unauthorized operation. I do not want to run the script under the administrator account for a simple reason, I believe that such rights are redundant to perform this operation. I am learning and making mistakes, but I want to learn how to write good scripts and competently manage the required access rules for their work, so I ask you to help me figure out what I need to do so that the rights are assigned when using the script. I searched for information on google on this issue but did not find comprehensive information. I found information that you can’t do without administrator rights to change the owner, but I don’t understand why I can’t transfer the rights to a new file in this case. Please help me in solving this problem. Setting the owner from the old file to the new file is an optional task. P.s actions are performed on a network share and the user under which the script is running has full access. The network folder is located on Win Serv 2008 SP2 and the script is run on Windows 10 Pro. Thanks in advance.

Score:0
cn flag

I myself found a solution to my main problem using the NTFSSecurity PowerShell module. The transfer of access rights was performed using the Get-NTFSAccess $filein | Add-NTFSAccess $fileout

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.