powershell remove all permissions on a folder for a specific user

Question

I need a script or simple powershell code for removing all permissions to a folder for specific user, by inheriting these deletion to all the subfolders and files as well -

Answer 1

i think the simplier way to do this is to copy acl from a file or folder that have the correct permissions and apply it to the folder where you want specific access. example:

$acl= get-acl /path/to/file_with_correct acl 
$files= get-childItem c:\temp\*.* -recurce |set-acl -aclobject $acl -whatif

remove the -whatif parameter to effectively modify acl

Or follow this technet article and use a code like :

$Right = [System.Security.AccessControl.FileSystemRights]"Read" 
$InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::None 
$PropagationFlag = [System.Security.AccessControl.PropagationFlags]::InheritOnly  
$objType =[System.Security.AccessControl.AccessControlType]::Allow 

$objUser = New-Object System.Security.Principal.NTAccount("domain\bob") 
$objACE = New-Object System.Security.AccessControl.FileSystemAccessRule `
    ($objUser, $Right, $InheritanceFlag, $PropagationFlag, $objType) 
$objACL = Get-ACL "d:\test" 
$objACL.RemoveAccessRuleAll($objACE) 
Set-ACL "d:\test" -aclobject $objACL

Answer 2

 $acl=get-acl c:\temp
 $accessrule = New-Object system.security.AccessControl.FileSystemAccessRule("domain\user","Read",,,"Allow")
 $acl.RemoveAccessRuleAll($accessrule)
 Set-Acl -Path "c:\temp" -AclObject $acl

this should wipe all security rules for user in c:\temp recursively