Grant permission for Application Pool IIS

Author: Dương Nguyễn Phú Cường
Posted: 3 years ago


icacls "c:\yourdirectory" /t /grant "IIS AppPool\DefaultAppPool":(R)
Part A: Configuring your Application Pool
Suppose the Application Pool is named 'MyPool'. Go to 'Advanced Settings' of the Application Pool from the IIS Manager.
  1. Scroll down to 'Identity'. Trying to edit the value will bring up a dialog box. Select 'Built-In account' and under it, select 'ApplicationPoolIdentity'.
  2. A few lines below 'Identity', you should find 'Load User Profile'. This value should be set to 'True'.
Part B: Configuring your website
  1. Website Name: SiteName (just an example)
  2. Physical Path: C:\Whatever (just an example)
  3. Connect as... : Application User (pass-through authentication)
     (The above settings can be found in 'Basic Settings' of the site in the IIS Manager.)
  4. After configuring the basic settings, look for the 'Authentication' configuration under 'IIS' in the main console of the site. Open it. You should see an option for 'Anonymous Authentication'. Make sure it is enabled. Then right click and 'Edit...' it. Select 'Application Pool Identity'.
Part C: Configuring your folder
The folder in question is C:\Whatever
  1. Go to Properties - Sharing - Advanced Sharing - Permissions, and tick 'Share this folder'
  2. In the same dialog box, you will find a button 'Permissions'. Click it.
  3. A new dialog box will open. Click 'Add'.
  4. A new dialog box 'Select Users or Groups' will open. Under 'From this location' make sure the name is the same as your local host computer. Then, under 'Enter the object names', type 'IIS AppPool\MyPool' and click 'Check Names' and then 'Ok'
  5. Give full sharing permissions for 'MyPool' user. Apply it and close the folder properties
  6. Open folder properties again. This time, go to Security - Advanced - Permission, and click Add. There will be an option 'Select a Principal' at the top, or some other option to choose a user. Click it.
  7. The 'Select Users or Groups' dialog box will open again. Repeat step 4.
  8. Give all or as many permissions as you need to the 'MyPool' user.
  9. Check 'Replace all child object permissions...' and Apply and close.
You should now be able to browse the website.

Set permissions for C:\Users\%UserName%/AppData
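# Export the ACL entries of every folder under $RootPath to a CSV report.
$OutFile = "C:\Temp\permissions.csv"
$Header = "Folder Path,IdentityReference,AccessControlType,IsInherited,InheritanceFlags,PropagationFlags"
# Remove a previous report only if one exists (a bare Del errors on the first run).
if (Test-Path $OutFile) { Remove-Item $OutFile }
Add-Content -Value $Header -Path $OutFile

$RootPath = "\\fs1\shared"

# All directories below the root.
$Folders = Get-ChildItem $RootPath -Recurse | Where-Object { $_.PSIsContainer }

foreach ($Folder in $Folders) {
    $ACLs = (Get-Acl $Folder.FullName).Access
    foreach ($ACL in $ACLs) {
        # Quote every field: flag values such as "ContainerInherit, ObjectInherit" contain commas.
        $Fields = $Folder.FullName, $ACL.IdentityReference, $ACL.AccessControlType, $ACL.IsInherited, $ACL.InheritanceFlags, $ACL.PropagationFlags
        $OutInfo = ($Fields | ForEach-Object { '"' + $_ + '"' }) -join ","
        Add-Content -Value $OutInfo -Path $OutFile
    }
}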
Report for a single user:
dir -Recurse | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | where { $_.IdentityReference -like "ENTERPRISE\J.Carter" } | Add-Member -MemberType NoteProperty -name "\\fs1\shared\" -Value $path1 -passthru }} | export-csv "C:\temp\permissions.csv"
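
Part C, step 8 leaves the rights open ("all or as many permissions as you need"), and the CSV header of the first report has no FileSystemRights column, so it shows who has an entry but not what it allows. The following is an added example, not the author's code: it grants the pool identity read-and-execute on the content root and Modify on one writable subfolder only, then lists the identity's ACEs with their rights. C:\Whatever and MyPool are the post's sample names; 'App_Data' is a hypothetical subfolder that is assumed to exist.

```powershell
# Added example (not the post's code). Run in an elevated PowerShell session.
# Assumptions: C:\Whatever and MyPool are the post's sample names; 'App_Data'
# is a hypothetical, already existing subfolder the site must be able to write to.
$Root     = 'C:\Whatever'
$Identity = 'IIS AppPool\MyPool'
$Writable = Join-Path $Root 'App_Data'

function Grant-FolderRight {
    param([string]$Path, [string]$Identity,
          [System.Security.AccessControl.FileSystemRights]$Rights)
    $acl      = Get-Acl -LiteralPath $Path
    $ruleArgs = $Identity, $Rights, 'ContainerInherit, ObjectInherit', 'None', 'Allow'
    $rule     = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $ruleArgs
    $acl.SetAccessRule($rule)   # replaces this identity's explicit Allow ACEs
    Set-Acl -LiteralPath $Path -AclObject $acl
}

function Get-IdentityAce {
    param([string]$Root, [string]$Identity)
    # Rights that let the worker process alter content or ACLs, plus the raw
    # GENERIC_WRITE | GENERIC_ALL bits that Get-Acl can return on inherit-only ACEs.
    $risky = 'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $mask  = ([int][System.Security.AccessControl.FileSystemRights]$risky) -bor 0x50000000
    $dirs  = @(Get-Item -LiteralPath $Root) +
             @(Get-ChildItem -LiteralPath $Root -Recurse -Directory)
    foreach ($dir in $dirs) {
        foreach ($ace in (Get-Acl -LiteralPath $dir.FullName).Access) {
            if ($ace.IdentityReference.Value -ne $Identity) { continue }
            # Below the root, inherited ACEs only repeat a parent's grant: skip them.
            if ($ace.IsInherited -and $dir.FullName -ne $dirs[0].FullName) { continue }
            [pscustomobject]@{
                Path        = $dir.FullName
                Rights      = $ace.FileSystemRights
                Type        = $ace.AccessControlType
                IsInherited = $ace.IsInherited
                CanWrite    = ($ace.AccessControlType -eq 'Allow') -and
                              (([int]$ace.FileSystemRights -band $mask) -ne 0)
            }
        }
    }
}

# Read-only on the site root, write access confined to the one folder that needs it.
Grant-FolderRight -Path $Root     -Identity $Identity -Rights ReadAndExecute
Grant-FolderRight -Path $Writable -Identity $Identity -Rights Modify
Get-IdentityAce -Root $Root -Identity $Identity | Format-Table -AutoSize
```

Any row with CanWrite set to True outside the intended writable folder is a place where code running in the pool can change site content.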