PDQ Deploy to change folder permissions at the user level
Hello Everyone,
I am using a powershell script via PDQ Deploy to edit the permissions on a folder on a users computer. I have a script running in VS that prompts for username, hostname, and it can build the path and work correctly. Example -
$ACLPath = "\\$hostname\c`$\users\$username\AppData\Roaming\TestFolder"
I'm trying to fully automate this, with the end result being able to deploy this to entire PDQ Inventory groups to "open" or "close" user access to this folder.
My idea for the PDQ job is to remove the "prompt" for username and hostname. With PDQ, I should be able to use some form of "C:\Users\$env:username" to build the path instead.
The problem:
Since I use the $env:username, I can't set the PDQ job to run as deploy (admin) user, I need to run it as Local Logged on User... which doesn't have the permissions to edit the folder. But if I run the job as Deploy user, it will pull the admin username, and won't be able to make the correct path.
I'm completely open to suggestions on this one, as I'm a bit stumped on how I can use it with PDQ.
Thanks!
1
Comments
Thinking at a high level (because I couldn't write it from scratch myself yet), how about:
There must be places in the registry or filesystem where all user accounts have both read and write access.
Mike, I want to give you a big thank you. This resolved my ticket. Here's how I got it to work:
That's a clever solution. Thanks for sharing!