Localized Name of Administrators

[gruppenrichtlinien]

Hi,

please do a "search & replace" for "Administrators" in Install-PSD.ps1 with e.g. "$Admins"
Add a Variable in Line 77:
$Admins=(Get-WmiObject win32_group -filter "SID = 'S-1-5-32-544'").Name

THX!
Mark

[CyberblueX]

Hello,
thank you for this great hint.

I would have the following addition after some more errors today on my first try of psd. This is faster as the wmi query, too.

In Line 77:

$Admins = "*BA"
$Users = "*BU"
$Everyone = "*WD"
#$Everyone = "*AU" # Maybe the "authenticated users" group?
$CreatorOwner = "*CO"
# https://learn.microsoft.com/en-us/windows/win32/secauthz/sid-strings

At the end at Line ~483 in Section "# Relax Permissions on DeploymentFolder and DeploymentShare":

    # Relax Permissions on DeploymentFolder and DeploymentShare
    Write-PSDInstallLog -Message "Relaxing permissions on $psDeploymentShare"
    icacls $psDeploymentFolder /grant ('"' + $Users + '":(OI)(CI)(RX)') | Out-Null
    icacls $psDeploymentFolder /grant ('"' + $Admins + '":(OI)(CI)(F)') | Out-Null
    icacls $psDeploymentFolder /grant '"SYSTEM":(OI)(CI)(F)' | Out-Null
    Grant-SmbShareAccess -Name $psDeploymentShare -AccountName $Everyone -AccessRight Change -Force | Out-Null
    Revoke-SmbShareAccess -Name $psDeploymentShare -AccountName $CreatorOwner -Force | Out-Null

Don't forget to search & replace the other ones.

Best regards

Thank to sources such as:
https://superuser.com/questions/1176622/regardless-of-windows-language-how-can-i-make-the-icacls-command-set-a-folder-t