Grant NTFS security to a remote folder using WMI, Powershell.

I needed to adjust NTFS folder security using powershell on a remote folder.  The user was ‘LOCAL Service’.  The command contains the ` character, it’s a escape key for having double quotes inside a string.   Interesting way of powershell handling that.    Better than VBScript and Chr(34) etc..

 [String] $MachineName

$cmd=”cmd /c C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””
$process = [WMIClass]”\$serverROOTcimv2:Win32_Process

#$process.psbase.Scope.Options.Impersonation = [System.Management.ImpersonationLevel]::Impersonate
#$process.psbase.Scope.Options.Authentication = [System.Management.AuthenticationLevel]::PacketPrivacy

# get process id and returnValue

One thing I couldn’t get around was the command line arguments.  When I tried to launch powershell remotely using
$cmd=”powershell C:windowssystem32icacls.exe E:WWWLogsW3SVC1 /grant `”NT AuthorityLOCAL SERVICE:(OI)(CI)(M)`””, it wouldn’t work. 

I had to revert using cmd.exe to handle the process.  If a powershell guru know how to do that, please post. 🙂

Happy Powershelling.


2 thoughts on “Grant NTFS security to a remote folder using WMI, Powershell.”

  1. Hi Steve, this worked for me:

    $cmd = “powershell -noprofile “”& icacls.exe c:test /grant ‘NT AuthorityLOCAL SERVICE:(OI)(CI)(M)'”””
    $process = [WMIClass]”\$serverROOTcimv2:Win32_Process”


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: