none
ForEach to set permissions for multiple Users - Error RRS feed

  • Question

  • Hello,

    I'm new to PS and trying to set a script to set perms on a registry key.  It works for the 'system' account, but when I add in other users, I get an error.  "exception calling "AddAccessRule" with "1" arguments: "some or all identity references could not be translated." 

    #Set Registry Permissions
    #first, set the target for the perms change
    $regtarget = "HKLM:\software\microsoft\windows nt\currentversion\winlogon\Target"
    #Next, collet the existing perms
    $racl = get-acl $regtarget
    #define the users who will have full access
    $users='System','TrustedInstaller','domain\Administrators'
    Foreach ($user in $users)
        {
        #create the rule that will be executed to give the user permissions
        $regaccessRule = New-Object System.Security.AccessControl.RegistryAccessRule $user,'FullControl','ContainerInherit,ObjectInherit','None','Allow'
        #now execute and write permissions
        $racl.addaccessrule($regaccessRule)
        $racl | Set-Acl $regtarget
        }
    
    If I comment out the second two users, no errors.  What have I missed?
    • Moved by Bill_Stewart Wednesday, November 29, 2017 6:40 PM This is not "teach me Windows file system security" forum
    Wednesday, October 11, 2017 7:52 PM

All replies