Grant NTFS security to a remote folder using WMI, Powershell.

I needed to adjust NTFS folder security using powershell on a remote folder.  The user was ‘LOCAL Service’.  The command contains the ` character, it’s a escape key for having double quotes inside a string.   Interesting way of powershell handling that.    Better than VBScript and Chr(34) etc..

 [String] $MachineName

$cmd=”cmd /c C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””
$process = [WMIClass]”\$serverROOTcimv2:Win32_Process

#$process.psbase.Scope.Options.Impersonation = [System.Management.ImpersonationLevel]::Impersonate
#$process.psbase.Scope.Options.Authentication = [System.Management.AuthenticationLevel]::PacketPrivacy

# get process id and returnValue

One thing I couldn’t get around was the command line arguments.  When I tried to launch powershell remotely using
$cmd=”powershell C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””, it wouldn’t work. 

I had to revert using cmd.exe to handle the process.  If a powershell guru know how to do that, please post. :)

Happy Powershelling.


2 thoughts on “Grant NTFS security to a remote folder using WMI, Powershell.

  1. Shay Levy

    Hi Steve, this worked for me:

    $cmd = “powershell -noprofile “”& icacls.exe c:test /grant ‘NT AuthorityLOCAL SERVICE:(OI)(CI)(M)’”””
    $process = [WMIClass]”\$serverROOTcimv2:Win32_Process”

  2. steve schofield

    Hi Shay,

    Excellent! I’ll give this a try today and see if I’m able to execute a powershell command remotely.

Comments are closed.