We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Disallow users to change permissions on their home folders

February 24, 2021 Views: 1985

The script can be used in business rules, scheduled tasks and custom commands to disallow users to change permissions on their home folders.

Edit Remove
# Get home directory folder
    $homeFolder = $Context.TargetObject.Get("homeDirectory")
    $Context.LogMessage("The user does not have a home directory.", "Warning") # TODO: modify me

# Get the user's SID
$userSidBinary = $Context.TargetObject.Get("objectSid")
$userSid = New-Object System.Security.Principal.SecurityIdentifier($userSidBinary, 0)

# Deny the permission to change security for the home folder
$homeFolderACL = Get-Acl $homeFolder
$acl = New-Object System.Security.AccessControl.FileSystemAccessRule($userSid,"ChangePermissions","ContainerInherit,ObjectInherit","None","Deny")

Set-Acl -path $homeFolder $homeFolderACL
Comments 0
Leave a comment

Got questions?

Support Questions & Answers