Invalid parameter when calling icacls with a variable

Question

When I run this script in Powershell ISE:

[System.Threading.Thread]::CurrentThread.CurrentCulture = 'en-us'
$folder = Read-Host 'Dove sono le cartelle degli utenti?'
$name = Read-Host 'Specificare la cartella dell utente?'
takeown /f $folder\$name /r /d Y
icacls $folder\$name /t /c /grant T135837TS:F /q
icacls $folder\$name /grant ([String]($name.replace(".V2",""))):F /t /c /q

I get this error:

icacls : Invalid parameter "npac001"
At line:1 char:1
+ icacls $folder\$name /grant ([String]($name.replace(".V2",""))):F /t /c /q
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (Invalid parameter "npac001":String) [],  RemoteException
+ FullyQualifiedErrorId : NativeCommandError

Where npac001 is the user who must have the permission.

Answer 1

Your problem is that icacls is not seeing the user and the access protection rule (:f) as one parameter.

Try putting single quotes around the following part:

 icacls $folder\$name /grant '([String]($name.replace(".V2","")))':F /t /c /q

OR

Try creating the access protection rule before giving it to icacls e.g.:

$user = ([String]($name.replace(".V2","")))
$rule = "'$user':f"
icacls "C:\folder" /grant $rule /t /c /q

Note: The single quotes around the user before the type of access given e.g. :f. Therefore $rule should look something like this before it is passed to icacls. "'npac001':f"