For you scripting guys that want to automate everything, For website deployments, you can modify your permissions using the NTFSSecurity Module. This is a simple way to modify ACL’s with powershell. Much easier to use the NTFSSecurity module…
First download the module from here: https://ntfssecurity.codeplex.com/
I would put it in your modules directory on the server. Then import the module with Get-Module -ListAvailable and Import-Module NTFSSecurity.
Now, on to the simple and easy code:
Add-NTFSAccess -Path 'C:\SomeFolder\SubFolder' -Account BUILTIN\IIS_IUSRS -AccessRights Read
You can also use the following AccessRights. Actually, you should be able to get any name as the parameter but these are the most common:
Also, as a note, IIS_IUSRS is a special internal group that you shouldn’t/can’t prefix with the computer or domain name.
For the Network Service or IUSR, you have to use “NT AUTHORITY\NETWORK SERVICE” OR “NT AUTHORITY\IUSR”