Newbie to powershell i am just doing search and modify the code little, I am trying to set a permission FULL Control to our shared users folder (per user per folder permission). I managed to add a new folder and new user but the permission is not checked in the folder assigned. Please assist Thank you

# Import the CSV file
$csvFilePath = "C:\\path\\folders.csv"
$folders = Import-Csv -Path $csvFilePath

# Loop through each row in the CSV
foreach ($folder in $folders) {
    # Create the folder on the remote server
    $folderPath = "\\ypdcwnwinfs001\\H$\\Home" + $folder.FolderName
    New-Item -ItemType Directory -Path $folderPath -Force

    # Set permissions for the folder
    
    $acl = Get-Acl -Path $folderPath
    $user = $folder.users
    $permission = "FullControl"   #,"Read","Write","Modify" # Can be Read, Write, Modify, FullControl
    $accessType = "Allow"
    # Create a new access rule
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($user, $permission, $accessType)
    
    # Add the access rule to the folder's ACL
    $acl.SetAccessRule($accessRule)
    $acl.AddAccessRule($accessRule)
    
    
    # Set the new ACL for the folder
    Set-Acl -Path $folderPath -AclObject $acl

}

I am expecting to apply full control permission to users folder but i am getting error:

Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated."

Newbie to powershell i am just doing search and modify the code little, I am trying to set a permission FULL Control to our shared users folder (per user per folder permission). I managed to add a new folder and new user but the permission is not checked in the folder assigned. Please assist Thank you

# Import the CSV file
$csvFilePath = "C:\\path\\folders.csv"
$folders = Import-Csv -Path $csvFilePath

# Loop through each row in the CSV
foreach ($folder in $folders) {
    # Create the folder on the remote server
    $folderPath = "\\ypdcwnwinfs001\\H$\\Home" + $folder.FolderName
    New-Item -ItemType Directory -Path $folderPath -Force

    # Set permissions for the folder
    
    $acl = Get-Acl -Path $folderPath
    $user = $folder.users
    $permission = "FullControl"   #,"Read","Write","Modify" # Can be Read, Write, Modify, FullControl
    $accessType = "Allow"
    # Create a new access rule
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($user, $permission, $accessType)
    
    # Add the access rule to the folder's ACL
    $acl.SetAccessRule($accessRule)
    $acl.AddAccessRule($accessRule)
    
    
    # Set the new ACL for the folder
    Set-Acl -Path $folderPath -AclObject $acl

}

I am expecting to apply full control permission to users folder but i am getting error:

Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated."

• powershell

• 4 Can you give examples of $folder.users ? Are these a single user or multiple ? If you can add an example of how your CSV looks like it might give a hint on whats wrong – Santiago Squarzon Commented Mar 23 at 23:12
• 1 Given the error message and the outcome, the problem is almost certainly with the content of the users columns of your .csv. Please share a few lines of the data (anonymise as needed without changing the structure substantially). – Grismar Commented Mar 23 at 23:20
• 1 @jdweng: H$ inside "\\ypdcwnwinfs001\\H$\\Home" does not result in expansion (string interpolation), as you can easily verify yourself (while it's conceptually better to `-escape all $ chars. meant to be used literally inside "....", it is technically only necessary for those $ instances that are followed by character(s) that would be legal in a variable name; and, yes, if expansion isn't needed, '...' quoting is preferable). In other words: your explanation is incorrect and amounts to a distraction. – mklement0 Commented Mar 24 at 3:12
• 2 @jdweng - in the OP’s specific string value, the dollar doesn’t need to be escaped even though the string is double quoted. Try it yourself and see… – mclayton Commented Mar 24 at 8:09
• 1 BTW. You are also missing the InheritanceFlags and PropagationFlags parameters in your AccessRule. See this answer and this one and this one too and.. – Theo Commented Mar 24 at 9:48

1 Answer 1

Regarding the exception raised Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated.", without citing part of the content of the CSV file, it will not be possible to have a good analysis of the cause of the error.

# The post is not clear whether the "Users" attribute is just one user or whether it can be multiple users. This part of the code was placed to avoid the most general case, which would be multiple users.

$folder = @{
    FolderName = 'homeuser'
    Users = 'domain\user1', 'domain\user2'
}

# Initialize variable
$folderRoot = '\\ypdcwnwinfs001\H$\Home'
$folderPath = $folderRoot + '\' + $folder.FolderName
$acl = Get-Acl -LiteralPath ( New-Item -ItemType Directory -Path $folderPath -Force )
$permission = 'FullControl'
$accessType = 'Allow'
$inheritance = 'ContainerInherit', 'ObjectInherit'
$propagation = 'None'

# Create the object as an access rule for each user and add to the ACL
Foreach ( $user in $folder.Users ) {
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule( $user, $permission, $inheritance, $propagation, $accessType )
    $acl.AddAccessRule( $accessRule )
}

# Disable inheritance without copying permission
$acl.SetAccessRuleProtection( $true, $false )

# Write the new ACLs 
Set-Acl -Path $folderPath -AclObject $acl

I used an online translator. I apologize for not being fluent in the language.