Updated Script

Patches/Windows/Remove-Permissions.ps1

@@ -1,10 +1,22 @@
-$computerName = $env:COMPUTERNAME
-$domain = (Get-WmiObject Win32_ComputerSystem).Domain
-
 $folderPath = "C:\Scripts"
-$groupName = "Authenticated Users"
+$groupName = "NT AUTHORITY\Authenticated Users"
 
+# Get current ACL
 $acl = Get-Acl -Path $folderPath
-$acl.SetAccessRuleProtection($true, $false)
+
-$acl.RemoveAccessRule($acl.Access | Where-Object {$_.IdentityReference -eq "$domain\$groupName"})
+# Create a new FileSystemSecurity object
-Set-Acl -Path $folderPath -AclObject $acl
+$newAcl = New-Object System.Security.AccessControl.DirectorySecurity
+
+# Disable inheritance and copy existing rules
+$newAcl.SetAccessRuleProtection($true, $true)
+
+# Get all rules except Authenticated Users
+$rules = $acl.Access | Where-Object {$_.IdentityReference -ne $groupName}
+
+# Add each rule to the new ACL
+foreach ($rule in $rules) {
+    $newAcl.AddAccessRule($rule)
+}
+
+# Apply the modified ACL back to the folder
+Set-Acl -Path $folderPath -AclObject $newAcl