Managing permissions with PowerShell is only a bit easier than in VBS or the command line as there are no cmdlets for most day-to-day tasks like getting a permission report or adding permission to an item. PowerShell only offers Get-Acl and Set-Acl but everything in between getting and setting the ACL is missing. This module closes the gap.


The cmdlets are yet not documented so Get-Help will just show the syntax. Prodiding documentation is planned tough.

Please send comments, feature requests and bug reports to or create an issue here



Just create the folder "NTFSSecurity" in one of the standard module folders and copy the files attached in there. The standard module folders are in the environment variable %PSModulePath%, for example C:\Users\<username>\Documents\WindowsPowerShell\Modules.
For example, all the files in the zip file have to be in "C:\Users\raandree\Documents\WindowsPowerShell\Modules\NTFSSecurity". If you did this then the module should be listed in "Get-Module -ListAvailable" and can be imported using "Import-Module NTFSSecurity".


The module provides 10 cmdlets to manage permissions on the file system, like adding and removing ACEs, setting the inheritance, getting the current permissions or even get the effective permissions for a certain user.

The available cmdlets are listed below with a short description. More information can be retreived in the PowerShell using Get-Help.

All cmdlets have at least one parameter that supports the pipeline. They all can work with pipeline input coming from Get-ChildItem but some do more with what comes form the pipeline.

The name / SID translation is done by the Security2 class.

Last edited Jan 16 at 11:35 AM by raandree, version 3