redhat_cloudforms_azure_arm.../ansible-netapp-qtree-provison/templates/ps_acl.ps1.j2


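# Jinja2 template rendered to a PowerShell script that locks down the ACL on a
# NetApp qtree share: break inheritance from the parent volume, set the owner,
# then grant every principal listed in object_attributes an explicit allow rule.
#
# Template variables: netapp_svm_host, volume_name, qtree_name, domain,
# object_attributes (a list whose items expose a .name attribute).
#
# Every template value is emitted inside a single-quoted PowerShell literal with
# embedded single quotes doubled (psq macro below). Inside a double-quoted
# string PowerShell expands $variables and $(...) subexpressions, so a value
# that originates from a requester-controlled field could otherwise alter what
# this script runs.
# NOTE(review): PowerShell also accepts typographic single quotes
# (U+2018..U+201B) as string delimiters; the macro only doubles the ASCII quote,
# so names should still be validated against an allow-list before rendering.
{% macro psq(value) %}{{ value | replace("'", "''") }}{% endmacro %}

# Abort on the first failure. By default a failed Get-Acl/Set-Acl is a
# non-terminating error and the remaining steps still run, which can leave the
# share with inherited permissions in place while the run looks successful.
$ErrorActionPreference = 'Stop'

#define share
$share = '\\{{ psq(netapp_svm_host) }}\{{ psq(volume_name) }}\{{ psq(qtree_name) }}'
#block inheritance from parent netapp volume and remove inherited permissions
# ($true = protect the ACL from inheritance, $false = do not keep copies of the
# inherited rules)
$acl = Get-Acl $share
$acl.SetAccessRuleProtection($true,$false)
$acl | Set-Acl $share
#set ownership for netapp account BUILTIN\Administrators
$acl = Get-Acl $share
$object = New-Object System.Security.Principal.Ntaccount("BUILTIN\Administrators")
$acl.SetOwner($object)
$acl | Set-Acl $share
#set permissions for members with inheritance for subfolders and files
# NOTE(review): the propagation flag "InheritOnly" makes each rule apply to
# subfolders and files but not to the qtree root itself; confirm that members
# are not expected to list or create items directly in the share root.
# SetAccessRule replaces any existing allow rule for the same identity, so
# re-running the rendered script does not accumulate duplicate entries.
{% for item in object_attributes %}
$acl = Get-Acl $share
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule('{{ psq(domain) }}\{{ psq(item.name) }}',"ExecuteFile, ReadData,ReadAttributes,ReadExtendedAttributes,Createfiles,AppendData,WriteAttributes,WriteExtendedAttributes,DeleteSubdirectoriesAndFiles,Delete,ReadPermissions","ContainerInherit, ObjectInherit","InheritOnly","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl $share
{% endfor %}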