Set Access Control List permissions from on a file (or object).
Syntax
Set-Acl [-path] string[] [-aclObject] ObjectSecurity
[-filter string]
[-Include String] [-Exclude String]
[-passThru] [-whatIf] [-confirm] [CommonParameters]
Key
-Path path
Path to the item to be changed {accepts wildcards}
-aclObject ObjectSecurity
An ACL with the desired property values.
-filter string
A filter in the provider's format or language.
The exact syntax of the filter (wildcard support etc) depends on the provider.
Filters are more efficient than -include/-exclude, because the provider
applies the filter when retrieving the objects, rather than having
PowerShell filter the objects after they are retrieved.
-include string
Include only the specified items from the Path. e.g. "May*"
this only works when the path includes a wildcard character.
-exclude string
Omit the specified items from the Path e.g. "*SS64*"
this only works when the path includes a wildcard character.
-passThru
Pass the object created by Set-Acl through the pipeline.
-whatIf
Describe what would happen if you executed the command without
actually executing the command.
-confirm
Prompt for confirmation before executing the command.
CommonParameters:
-Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutVariable.
Examples
Copy the security settings from Dog.txt to Cat.txt
PS C:\>$DogACL = get-acl c:\dog.txt
PS C:\>set-acl -path C:\cat.txt -AclObject $DogACL
Or the same thing with a pipeline:
PS C:\>get-acl c:\dog.txt | set-acl -path C:\cat.txt
Apply the same $DogACL to all the files in C:\Temp\ and all of its subdirectories:
PS C:\>get-childitem c:\temp -recurse -force | set-acl -aclobject $DogACL -whatif
"If it's a good idea - go ahead and do it. It is much easier to apoligize that it is to get permission" - Grace Murry Hopper
Related:
Get-Acl - Get permission settings for a file or registry key
Equivalent bash command: chmod - Change access permissions
