For my Powershell moment today, I have been working with setting file permissions. I had a problem trying to get permissions changes made to one folder to propagate down to all child items. I didn’t really want to wipe out anything below, and I wasn’t using any SDDL creation/twiddling approaches this time. Just a simple AddAccessRule that needed to be pushed down to all subfolders and files and still be marked as inherited.

I finally found a solution by pulling the ACL from each child item, doing a SetAccessRuleProtection($false,$true) and then setting the ACL back onto the child item. This basically seems to force the ACL to be refreshed, which then pulls down stuff that should be inherited.

foreach ($i in get-childitem $strTarget -recurse -force)
{
$objNewACL = get-acl $i.FullName
$objNewACL.SetAccessRuleProtection($false,$true)
set-acl $i.FullName -aclobject $objNewACL
}