Reputation: 87
I'm trying to set some rights on a newly created user in AD. After I have created the folder, I try to set the various rights like this:
$Rights = [System.Security.AccessControl.FileSystemRights]::FullControl
$Inherit = @([System.Security.AccessControl.InheritanceFlags]::ContainerInherit,[System.Security.AccessControl.InheritanceFlags]::ObjectInherit)
$Propagation = [System.Security.AccessControl.PropagationFlags]::None
$Access =[System.Security.AccessControl.AccessControlType]::Allow
$ACL = New-Object System.Security.Principal.NTAccount "localdomain\$userprincipalname"
$objACE = New-Object System.Security.AccessControl.FileSystemAccessRule($ACL, $Rights, $Inherit, $Propagation, $Access)
$ACL = Get-Acl -Path $userDir
$ACL.AddAccessRule($objACE)
Set-ACL -Path $userDir -AclObject $ACL
The error I get is related to the parameters I pass to AddAccessRule:
Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
But I cannot see any error here, so I would really appreciate another set of eyes.
Upvotes: 1
Views: 1278
Reputation: 87
Ok so my solution works, and as far as I can find, is the way to set rights on a folder.
$Rights = [System.Security.AccessControl.FileSystemRights]::FullControl
$Inherit = @([System.Security.AccessControl.InheritanceFlags]::ContainerInherit,[System.Security.AccessControl.InheritanceFlags]::ObjectInherit)
$Propagation = [System.Security.AccessControl.PropagationFlags]::None
$Access =[System.Security.AccessControl.AccessControlType]::Allow
$ACL = New-Object System.Security.Principal.NTAccount "localdomain\$userprincipalname"
$objACE = New-Object System.Security.AccessControl.FileSystemAccessRule($ACL, $Rights,$Inherit, $Propagation, $Access)
$ACL = Get-Acl -Path $userDir
$ACL.AddAccessRule($objACE)
Set-ACL -Path $userDir -AclObject $ACL
Upvotes: 2
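An added example, not part of either post above: the "identity references could not be translated" exception is raised when the account name cannot be mapped to a SID, so this sketch resolves the SID first, retries in case the account was only just created, and reads the ACL back afterwards. The function name, its parameters and the retry values are hypothetical, and the retry rests on the assumption that a new account may not yet be visible to the domain controller answering the lookup.

```powershell
# Added example. Grant-UserFolderAccess and its parameters are hypothetical names.
function Grant-UserFolderAccess {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Identity,   # e.g. DOMAIN\sAMAccountName
        # Default matches the posts above; pass 'Modify' to grant less.
        [System.Security.AccessControl.FileSystemRights]$Rights = 'FullControl',
        [int]$Retries = 5,          # assumed values, tune for your environment
        [int]$DelaySeconds = 3
    )

    # Resolve the name to a SID before touching the ACL. A name that cannot be
    # mapped throws IdentityNotMappedException here, at a clearly named step.
    $account = New-Object System.Security.Principal.NTAccount($Identity)
    $sid = $null
    for ($i = 1; $i -le $Retries -and -not $sid; $i++) {
        try {
            $sid = $account.Translate([System.Security.Principal.SecurityIdentifier])
        } catch [System.Security.Principal.IdentityNotMappedException] {
            Write-Verbose "Attempt $i of ${Retries}: '$Identity' is not resolvable yet"
            if ($i -lt $Retries) { Start-Sleep -Seconds $DelaySeconds }
        }
    }
    if (-not $sid) {
        throw "Could not translate '$Identity' to a SID after $Retries attempts."
    }

    # Same inheritance, propagation and access type as in the posts above.
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $propagation = [System.Security.AccessControl.PropagationFlags]::None
    $allow = [System.Security.AccessControl.AccessControlType]::Allow
    $ruleArgs = $sid, $Rights, $inherit, $propagation, $allow
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $ruleArgs

    $acl = Get-Acl -Path $Path
    $acl.AddAccessRule($rule)
    Set-Acl -Path $Path -AclObject $acl

    # Read the ACL back and confirm an explicit entry for this SID exists.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $applied = (Get-Acl -Path $Path).GetAccessRules($true, $false, $sidType) |
        Where-Object { $_.IdentityReference -eq $sid }
    if (-not $applied) { throw "No explicit ACE for $sid found on '$Path' after Set-Acl." }
    $applied
}
```

Calling it with `-Verbose` shows each failed lookup attempt, which separates a slow directory lookup from a name that will never resolve.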