Set-LapsFolderPM

1.0.0

Set-LapsFolderPM.ps1

                                <#PSScriptInfo

.VERSION 1.0.0

.GUID 606b4f05-676e-4b93-8d0a-745e3a0c13d0

.AUTHOR Kalichuza

.DESCRIPTION

Sets correct folder permissions for LAPS GPO install

.COMPANYNAME

.COPYRIGHT

.TAGS

.LICENSEURI

.PROJECTURI

.ICONURI

.EXTERNALMODULEDEPENDENCIES

.REQUIREDSCRIPTS

.EXTERNALSCRIPTDEPENDENCIES

.RELEASENOTES

.PRIVATEDATA

#>

function Set-LapsFolderPermissions {

    [CmdletBinding()]

    param (

        [Parameter(Mandatory = $true)]

        [string]$FolderPath

    )

    # Validate that the folder exists

    if (-not (Test-Path -Path $FolderPath)) {

        Write-Error "The folder path '$FolderPath' does not exist."

        return

    }

    try {

        # Get the current ACL

        $acl = Get-Acl -Path $FolderPath

        # Define the access rule for 'Domain Computers' with Read and Execute permissions

        $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(

            "Domain Computers",

            "ReadAndExecute",

            "ContainerInherit, ObjectInherit",

            "None",

            "Allow"

        )

        # Add the new access rule

        $acl.SetAccessRule($accessRule)

        # Apply the updated ACL to the folder

        Set-Acl -Path $FolderPath -AclObject $acl

        Write-Host "Permissions successfully updated for '$FolderPath'."

    }

    catch {

        Write-Error "An error occurred: $_"

    }

}