pramodsk 9:00 pm on March 24, 2016 Remove All Permission for a Folder function Remove-All-Permissions { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$Path ) $acl = Get-Acl $Path $isProtected = $true $preserveInheritance = $false $acl.SetAccessRuleProtection($isProtected, $preserveInheritance) Set-Acl -Path $Path -AclObject $acl $allusers = (Get-Acl $Path).Access foreach($val in $allusers) { Write-Host $val.IdentityReference.Value ” ” $val.FileSystemRights Set-TargetResource -Path $Path -Account $val.IdentityReference.Value -Rights $val.FileSystemRights -Ensure “Absent” } } function Set-TargetResource { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$Path, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [String]$Account, [Parameter()] [ValidateNotNullOrEmpty()] [String]$Rights, [Parameter()] [ValidateSet(“Present”, “Absent”)] [String]$Ensure = “Present”, [Parameter()] [ValidateSet(“Allow”, “Deny”)] [String]$Access = “Allow”, [Parameter()] [Bool]$NoInherit = $false ) $InheritFlag = if($NoInherit){ “None” }else{ “ContainerInherit, ObjectInherit” } $DesiredRule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, $Rights, $InheritFlag, “None”, $Access) $CurrentACL = (Get-Item $Path).GetAccessControl(“Access”) if($Ensure -eq “Present”) { $CurrentACL.AddAccessRule($DesiredRule) Set-Acl $Path $CurrentACL } else { $CurrentRules = $CurrentACL.GetAccessRules($true, $false, [System.Security.Principal.NTAccount]) $Match = $CurrentRules |?{ ($DesiredRule.IdentityReference -eq $_.IdentityReference) -and ( $DesiredRule.FileSystemRights -eq $_.FileSystemRights) -and ( $DesiredRule.AccessControlType -eq $_.AccessControlType) -and ( $DesiredRule.InheritanceFlags -eq $_.InheritanceFlags )} $Match | % {[void]$CurrentACL.RemoveAccessRule($_)} Set-Acl $Path $CurrentACL } } Remove-All-Permissions “C:\mytestfolder”