thereisnotime · November 16, 2020 22:42
diff --git a/Set-PrivateKeyPermissions.ps1 b/Set-PrivateKeyPermissions.ps1
 function Set-PrivateKeyPermissions {
    param (
        [string]$KeyLocation
    )
 	if (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
 		Write-Error "Must run as administrator. Exiting..."
 		Return
 	}
 	$acl = Get-Acl "$KeyLocation"
 	$currentUser = New-Object System.Security.Principal.Ntaccount($acl.owner)
 	$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($acl.owner,"FullControl","Allow")
 	$acl.Access | %{$acl.RemoveAccessRule($_)}
 	$acl.SetOwner($currentUser)
 	$acl.SetAccessRuleProtection($true,$false)
 	$acl.SetAccessRule($accessRule)
 	$acl | Set-Acl "$KeyLocation"
 }

 # Example usage:
 Set-PrivateKeyPermissions -KeyLocation 'C:\Keys\thereisnotime.pem'
	function Set-PrivateKeyPermissions {
	param (
	[string]$KeyLocation
	)
	if (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
	Write-Error "Must run as administrator. Exiting..."
	Return
	}
	$acl = Get-Acl "$KeyLocation"
	$currentUser = New-Object System.Security.Principal.Ntaccount($acl.owner)
	$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($acl.owner,"FullControl","Allow")
	$acl.Access \| %{$acl.RemoveAccessRule($_)}
	$acl.SetOwner($currentUser)
	$acl.SetAccessRuleProtection($true,$false)
	$acl.SetAccessRule($accessRule)
	$acl \| Set-Acl "$KeyLocation"
	}

	# Example usage:
	Set-PrivateKeyPermissions -KeyLocation 'C:\Keys\thereisnotime.pem'