SpecPrinters

1.0.1

Public/Add-SpecPrinterPermission.ps1

                                Function Add-SpecPrinterPermission {

    <#

    .SYNOPSIS

        Adds permissions to a printer using the Security Descriptor Definition Language (SDDL).

    .DESCRIPTION

        The Add-SpecPrinterPermissions function allows you to add permissions to a printer by specifying the printer name and the SDDL string representing the permissions. It retrieves the current printer permissions, updates them with the specified SDDL, and applies the updated permissions to the printer.

    .PARAMETER Printer

        Specifies the name of the printer to which the permissions should be added.

    .PARAMETER SDDLToAdd

        Specifies the Security Descriptor Definition Language (SDDL) string representing the permissions to be added to the printer.

    .EXAMPLE

        Add-SpecPrinterPermission -Printer "Printer01" -SDDLToAdd "D:P(A;;GA;;;WD)"

        This example adds the specified permissions (D:P(A;;GA;;;WD)) to the printer named "Printer01".

    .INPUTS

        None. You cannot pipe input to this function.

    .OUTPUTS

        Returns an integer code indicating the result of the operation:

        - 100: Successfully updated the printer SDDL permissions.

        - 101: Unable to retrieve the current printer SDDL permissions.

        - 102: Unable to retrieve the current printer SDDL permissions. Printer not found.

        - 103: Error updating the current printer SDDL permissions.

    .NOTES

    Author: andy.naftel

    Version: 1.0 - Original Code

             1.1 - [owen.heaume] Add comment-based help

                 - [owen.heaume] Added error handling and return codes

    - This function requires administrative privileges to modify printer permissions.

    - The function retrieves the current printer permissions using the Get-SpecPrinterPermissions cmdlet.

    .LINK

    Get-SpecPrinterPermissions

    #>

    [CmdletBinding()]

    param (

        [Parameter(Mandatory = $True)]

        $Printer,

        [Parameter(Mandatory = $True)]

        $SDDLToAdd

    )

    If ($Printer -iin (Get-Printer).Name) {

        $ReturnCode = Get-SpecPrinterPermission -printer $Printer

        switch ($ReturnCode) {

            101 { $continue = $false; $message = "Unable to retrieve current printer SDDL permissions" }

            102 { $continue = $false; $message = "Unable to retrieve current printer SDDL permissions. Printer not found." }

            default { $continue = $true; $OriginalSDDL = $ReturnCode }

        }

        if ($continue) {

            $NewSDDL = $OriginalSDDL + $SDDLToAdd

            Write-Verbose "Updating current printer SDDL permissions for $Printer"

            try {

                Set-Printer -Name $Printer -PermissionSDDL $NewSDDL -ErrorAction Stop -ErrorVariable x

                write-verbose "Successfully updated current printer SDDL permissions for $Printer"

                return 100

            } catch {

                Write-warning "Error updating current printer SDDL permissions for $Printer"

                Write-Warning "The error was: $x"

                return 103

            }

        } else {

            Write-Warning "$printer - $message"

            switch ($ReturnCode) {

                101 { return 101}

                102 { return 102}

            }

        }

    }

}