Powershell: Workaround for “The security identifier is not allowed to be the owner of this object” with Set-Acl
I was writing a Powershell script which gave a user full control on a folder. Strangely, this script was failing: $username = "my_nonadmin_user" $path = "c:inetpubwwwroot" $acl = Get-Acl $path $accessrule = New-Object system.security.AccessControl.FileSystemAccessRule($username, "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow") $acl.AddAccessRule($accessrule) set-acl -aclobject $acl $path Voila!