Yusuf Ozturk » iis7 modify directory powershell

Blogroll

Badges

Community

Setting Directory ACL for IIS7 Websites with Powershell

Posted in Hosting & IIS7, Windows Powershell | No Comment | 3,865 views | 16/12/2010 22:13

Advanced Directory ACL Powershell function for IIS7.

Function Set-DirACL
{
Param ($IUSRName, $Username, $Password, $ListRule, $Path, $ACLRule, $Description, $Directory)
 
    If ((Test-Path -Path $Path) -ne $True) 
    { 
        New-Item $Path -Type Directory
    }
 
    If ($ACLRule -eq "ReadAndExecute")
    {
	    $Account = New-Object System.Security.Principal.NtAccount("$IUSRName")
	    $ACL = Get-Acl -Path "$Path"
	    $Permission = "$Account","ReadAndExecute","ContainerInherit,ObjectInherit","None","Allow"
	    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $Permission
	    $ACL.SetAccessRule($AccessRule)
            $ACL | Set-Acl "$Path"
    }
 
    If ($ACLRule -eq "Modify")
    {
	    $Account = New-Object System.Security.Principal.NtAccount("$IUSRName")
	    $ACL = Get-Acl -Path "$Path"
	    $Permission = "$Account","Modify","ContainerInherit,ObjectInherit","None","Allow"
	    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $Permission
	    $ACL.SetAccessRule($AccessRule)
            $ACL | Set-Acl "$Path"
    }
 
    If ($ListRule -eq "ListFolders")
    {
           Set-WebConfigurationProperty System.WebServer/DirectoryBrowse IIS:\Sites\$Description\$Directory -Name Enabled -Value True
    }
 
    If ($ListRule -eq "NotListFolders")
    {
           Set-WebConfigurationProperty System.WebServer/DirectoryBrowse IIS:\Sites\$Description\$Directory -Name Enabled -Value False
    }
}

I won’t explain arguments because they are clear to understand.