Take Ownership of paths from PowerShell

Posted by robd on April 25, 2023
powershell / No Comments


Had a requirement to take ownership of a long list of windows file paths which were conviently in a csv file like this:



So I used the following PowerShell and NTFSSecurity module.

#import this first (run powershell as Admin)
#Install-Module -Name NTFSSecurity

#Fill out the csv with all the paths you want to change

Import-CSV "C:\Temp\scripts\permissions.csv" |
    Add-NTFSAccess -Path $_.path -Account -AccessRights FullControl
    Set-NTFSOwner -Path $_.path -Account



Tags: , ,

HP Switch – Access control Lists

Posted by robd on April 04, 2014
Networking / 1 Comment

Hi All,

We’ve recently implemented a BYOD wireless SSID for end users to check facebook or what ever it is they do.  As we’re short on resources we had to use existing DC’s to doll out IP’s but we were obviously worried around users “hacking” into the system.  So first thing we did was create a VLAN and assigned it to the wireless then applied several access control lists (ACL’s) to the core switch limiting the access to only the DC’s, proxy, core switch, each other and firewall then blocked the rest:

Firstly check the subnet mask of the VLAN you want to apply the ACL too as the wildcard/subnet address in the ACL will change dependant of the subnet.

The below example will use a subnet mask of (the bits in red are notes only – do not try and apply them)

Logon to a switch and go into config mode:

#Here we specify the ACL will be extended rather than standard then we create a name for the ACL 
ip access-list extended NEWACL      
#The below rules specify what servers the users on the ACL  can have access too:
10 permit ip
15 permit ip
20 permit ip
25 permit ip
30 permit ip
31 permit ip
35 permit ip
#The below denies access to certain subnets
50 deny ip
55 deny ip
57 deny ip
#This final permit allows access to itself and therefor out of its network to other networks:
60 permit ip
#Apply this ACL to a vlan, in this case 3241:
VLAN 3241 ip access-group NEWACL in
#Show me my handy work:
Show Access-List GuestACL


Finally test!

Ok so what if you have a network that has a subnet of, well the wildcard changes in the ACL or above we had where as in a subnet we’d need


#Name of ACL and extended:
ip access-list extended "StudentACL1"
#List of allowed servers:
10 permit ip
15 permit ip
20 permit ip
25 permit ip
26 permit ip
27 permit ip
30 permit ip
31 permit ip
35 permit ip
#List denied subnets:
50 deny ip
55 deny ip
57 deny ip
#Apply to this VLAN:
VLAN 3216 ip access-group StudentACL1 in
#Show me the money:
Show Access-List StudentACL1


So what happens if you want to delete a ACL from a VLAN:

#remove the ACL from the VLAN: 
no VLAN 3216 ip access-group StudentACL in
#Remove the ACL from the switch:
no ip access-list extended StudentACL
#Now to check its gone either do Show Access-List or Show Config.



Tags: , , , , ,