-
Notifications
You must be signed in to change notification settings - Fork 13
/
install.ps1
33 lines (29 loc) · 1.28 KB
/
install.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Write-Host 'creating kptnhook directories @ C:\kptnhook if not exists'
md -Force 'C:\kptnhook'
md -Force 'C:\kptnhook\Ship'
md -Force 'C:\kptnhook\Data'
function allow-dir {
param ([string]$path, [string]$ident)
#$user = [Security.Principal.NTAccount]::new($ident).Translate([System.Security.Principal.SecurityIdentifier])
$user = [Security.Principal.NTAccount]::new("ALL RESTRICTED APPLICATION PACKAGES").Translate([System.Security.Principal.SecurityIdentifier])
Write-Host $user
$rule = [Security.AccessControl.FileSystemAccessRule]::new($user, "ReadAndExecute", "Allow")
$acl = Get-Acl $path
$acl.SetAccessRule($rule)
Set-Acl -Path $path -AclObject $acl
}
foreach($path in Get-ChildItem 'C:\kptnhook') {
allow-dir $path 'ALL RESTRICTED APPLICATION PACKAGES'
# allow-dir $path 'EVERYONE'
}
$NewAcl = Get-Acl -Path 'C:\kptnhook'
# Set properties
$identity = "BUILTIN\Everyone"
$fileSystemRights = "Read"
$type = "Allow"
# Create new rule
$fileSystemAccessRuleArgumentList = $identity, $fileSystemRights, $type
$fileSystemAccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $fileSystemAccessRuleArgumentList
# Apply new rule
$NewAcl.SetAccessRule($fileSystemAccessRule)
Set-Acl -Path 'C:\kptnhook' -AclObject $NewAcl