Is it possible to get permissions of attached database files via powershell?

  • I had a problem recently where the permissions on a database file were wrong and I wanted an automated way to check for it

    put together something really simple but it doesn't work on files currently attached by SQL. Only works if I detach a database. I have also tried get-acl with the same result. Is there something I'm missing?

  • $data_folder = "f:\data"
    $logs_folder = "g:\logs"
    $files = Get-ChildItem $data_folder
    foreach ($file in $files)
       $Path = $file.FullName
      $Acl = (Get-Item $Path).GetAccessControl('Access')
      $Username = $HomeFolder.Name
      #$Ar = New-Object System.Security.AccessControl.FileSystemAccessRule($Username, 'Modify','ContainerInherit,ObjectInherit', 'None', 'Allow')
      #Set-Acl -path $Path -AclObject $Acl
      return $path
  • What's the problem? I know if I try this (in the image), I need to ensure I'm running in an elevated cmd prompt. Maybe you have an UAC issue?

  • Arggh, image issues.

    Here's the code I ran from an elevated prompt:
    $ powershell
    Windows PowerShell
    Copyright (C) Microsoft Corporation. All rights reserved.

    PS C:\Program Files\Microsoft SQL Server\MSSQL14.SQL2017\MSSQL\DATA> Get-Acl -Path "way0utwest.mdf" | Format-Table

      Directory: C:\Program Files\Microsoft SQL Server\MSSQL14.SQL2017\MSSQL\DATA

    Path    Owner       Access
    ----    -----       ------
    way0utwest.mdf NT SERVICE\MSSQL$SQL2017 OWNER RIGHTS Allow FullControl...

  • i'll try the elevated. I'm admin on the server and thought it would be enough

  • Isn't enough on my desktop. I need specific UAC actions.

  • Viewing 5 posts - 1 through 5 (of 5 total)

    You must be logged in to reply to this topic. Login to reply