下面是我用于删除特殊 NTFS 权限的代码
Foreach($folder in $path) {
icacls $folder /inheritance:d
Get-ChildItem -Path $folder -Recurse | ?{$_.PSisContainer} | foreach {$subfolder = $_.FullName; icacls $subfolder /inheritance:d}[![enter image description here][1]][1]
}
# Check the existing rights
$acl.Access | where IdentityReference -Like 'BUILTIN\Users'
# Get a list of the rules to remove
$rules = $acl.access | Where-Object {
!$_.IsInherited -and
$_.IdentityReference -like 'BUILTIN\Users' -and
$_.FileSystemRights -in 'CreateFiles, AppendData'
}
# Remove those rules from the ACL object
ForEach($rule in $rules) {
$acl.RemoveAccessRule($rule)
}
# Check that the remaining rules look good:
$recheckpermissions = $acl.Access
# Finally, set the ACL
Set-Acl -Path $path -AclObject $acl
此代码适用于 ROOT 文件夹(例如,在我的情况下为 C:\IBM),但它不会删除此下的子文件夹的相同代码。请让我知道这里有什么问题
根文件夹
子文件夹
