I’m trying to set some ACL’s on the deployment folder via a PostDeploy.ps1 file but can’t seem to pull it off. It appears to maybe be a UAC type of issue. Here is the code I’m attempting to run in the ps1 file:
# Get an ACL object for the deployment folder. $acl = Get-Acl . #$acl.GetAccessRules($true, $true, [System.Security.Principal.NTAccount]) # Remove inheritance $acl.SetAccessRuleProtection($True, $False) | Write-Host # Setup Read/Execute permission for AppPool identity $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("IIS AppPool\ap_pms","ReadAndExecute", "ContainerInherit, ObjectInherit", "None", "Allow") # Apply the rule $acl.AddAccessRule($rule)
This code executes with no errors but also nothing happens. None of the ACL’s are applied. It seems it would have to run with elevated permissions, possibly as an Administrator? Not sure though? Any advice?