CablersPowershellServers

1.0.2

src/Public/Repair-FolderPermissions.ps1

                                <#

    .SYNOPSIS

        Repairs permissions for a user's home folder.

    .DESCRIPTION

        The Repair-HomeFolderPermissions function sets the specified home folder's permissions to give System, User, and Administrator(s) full control permissions.

    .PARAMETER HomeFolder

        [Mandatory] The path to the home folder whose permissions are to be repaired.

    .PARAMETER Username

        [Mandatory] The username associated with the home folder.

    .EXAMPLE

        Repair-HomeFolderPermissions -HomeFolder "\\DC-SVR2\Home$\JohnDoe" -Username "JohnDoe"

        Sets the permissions for John Doe's home folder.

    .NOTES

        It's recommended to run this function with administrative privileges to ensure it can successfully take ownership and modify permissions of the profile folder.

    #>

Function Repair-FolderPermissions {

    [CmdletBinding()]

    Param (

        [Parameter(mandatory = $true)]

        [ValidateNotNullOrEmpty()]

        [String] $Path,

        [Parameter(mandatory = $true)]

        [ValidateNotNullOrEmpty()]

        [String] $Username

    )

    Begin {

        If (-not (Test-Path $Path -ErrorAction SilentlyContinue)) {

            Throw "The path $Path does not exist."

        }

        # We will need to be an administrator to set permissions on the folder

        Test-IsAdmin

    }

    Process {

        Set-Owner -Path $Path -Owner "BUILTIN\Administrators"

        $rules = @(

            @{Identity = $Username; FileSystemRights = "FullControl" },

            @{Identity = "SYSTEM"; FileSystemRights = "FullControl" },

            @{Identity = "Administrators"; FileSystemRights = "FullControl" },

            @{Identity = "Administrator"; FileSystemRights = "FullControl" },

            @{Identity = "Cablers"; FileSystemRights = "FullControl" }

        )

        foreach ($rule in $rules) {

            Write-Verbose "    Adding home folder access rule - $($rule.Identity) - $($rule.FileSystemRights)" -ForegroundColor Yellow

            $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(

                $rule.Identity,

                $rule.FileSystemRights,

                "ContainerInherit,ObjectInherit", # Apply to all subfolders and files

                "None", # No inheritance

                "Allow" # Allow the access rule

            )

            $ACL.AddAccessRule($accessRule)

        }

        Try {

            Set-Acl -Path $Path -AclObject $ACL

        }

        Catch {

            Throw "Failed to set ACL on $Path for $Username. $_"

        }

    }

    End {

    }

}