permissions_ntfs
Ensure NTFS permissions on a file for a given user.
⚙️ Compatible targets: Windows
Parameters
| Name | Documentation |
|---|---|
| path | File path. This parameter is required. |
| user | DOMAIN\Account. This parameter is required. |
| rights | Comma separated right list. This parameter is required. |
| accesstype | "Allow" or "Deny". Choices:
This parameter is optional. |
| propagationpolicy | Define the propagation policy of the access rule that Rudder is applying. Choices:
This parameter is optional. |
Outcome conditions
You need to replace ${path} with its actual canonified value.
- ✅ Ok:
permissions_ntfs_${path}_ok- ☑️ Already compliant:
permissions_ntfs_${path}_kept - 🟨 Repaired:
permissions_ntfs_${path}_repaired
- ☑️ Already compliant:
- ❌ Error:
permissions_ntfs_${path}_error
Example
method: permissions_ntfs
params:
propagationpolicy: ThisFolderOnly
path: VALUE
user: VALUE
rights: VALUE
accesstype: Allow
Documentation
Ensure that the correct NTFS permissions are applied on a file for a given user.
Inheritance and propagation flags can also be managed. If left blank, no propagation will be set.
To manage effective propagation or effective access, please disable the inheritance on the file before applying this generic method.
Note: that the Synchronize permission may not work in some cases. This is a known bug.
Right validate set:
None, ReadData, ListDirectory, WriteData, CreateFiles, AppendData, CreateDirectories, ReadExtendedAttributes, WriteExtendedAttributes, ExecuteFile, Traverse, DeleteSubdirectoriesAndFiles, ReadAttributes, WriteAttributes, Write, Delete, ReadPermissions, Read, ReadAndExecute, Modify, ChangePermissions, TakeOwnership, Synchronize, FullControl
AccessType validate set:
Allow, Deny
PropagationPolicy validate set:
ThisFolderOnly, ThisFolderSubfoldersAndFiles, ThisFolderAndSubfolders, ThisFolderAndFiles, SubfoldersAndFilesOnly, SubfoldersOnly, FilesOnly