PURIM-E
asked on
Change ownership of home folders to individual users
Hi I moved user home directories from one server to another on a Windows 2003. Administrator is now the owner.
I'd like to set the Ownership of each directory to its respective user.
I Need to do:
1. Extract the subdirectory listing from F:\Users
2. Match a username to each subdirectory.
3. Change the ownership to the user.
Does anyone have a kixtart script\batch file that will will do this automatically for me ?
I'd like to set the Ownership of each directory to its respective user.
I Need to do:
1. Extract the subdirectory listing from F:\Users
2. Match a username to each subdirectory.
3. Change the ownership to the user.
Does anyone have a kixtart script\batch file that will will do this automatically for me ?
Oh, and remove the echo command from the subinacl line once you are done testing.
the following script should work for you. give it a test run on a smaller folder set first of course or in test environment. it basically gets all the folders and subfolders, then will push out permissions on f:\users and below to give SYSTEM and DOMAIN ADMINS full control, then it will look at each folder and get the username from each folder name (if that is how you have it set up) and resolve it to AD before assigning them MODIFY control.
Run the script from within a script editor such as PrimalScript so the output is displayed on screen and not in message boxes. alternatively, run the script from under cscript.
Dim arrFolders()
Dim strUserName
intSize = 0
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set objShell = WScript.CreateObject("WScr ipt.Shell" )
strFolderName = "f:\users"
strTopLevelFolder = "f:\users"
Set colSubfolders = objWMIService.ExecQuery("A ssociators of {Win32_Directory.Name='" & strFolderName & "'} " & "Where AssocClass = Win32_Subdirectory " & "ResultRole = PartComponent")
ReDim Preserve arrFolders(intSize)
arrFolders(intSize) = strFolderName
intSize = intSize + 1
ApplyFolderStructurePermis sions()
For Each objFolder in colSubfolders
GetSubFolders strFolderName
Next
Sub GetSubFolders(strFolderNam e)
Set colSubfolders2 = objWMIService.ExecQuery("A ssociators of {Win32_Directory.Name='" & strFolderName & "'} " & "Where AssocClass = Win32_Subdirectory " & "ResultRole = PartComponent")
For Each objFolder2 In colSubfolders2
strFolder = Mid(objFolder2.Name,9)
strFolderName = objFolder2.Name
ReDim Preserve arrFolders(intSize)
arrFolders(intSize) = strFolderName
strUserName = strFolder
ApplyUserFolderPermissions (strUserna me)
intSize = intSize + 1
Next
End Sub
Function ApplyFolderStructurePermis sions()
strACLCommand = "cmd /c echo y| CACLS "
strACLCommand = strACLCommand & strTopLevelFolder
strACLCommand2 = strACLCommand & " /e /t /g " & chr(34) & "System" & chr(34) & ":F"
strACLCommand3 = strACLCommand & " /e /t /g " & chr(34) & "Domain Admins" & chr(34) & ":F"
Set objWSH = CreateObject("WScript.Shel l")
return = objWSH.Run (strACLCommand1 , 0, True)
return = objWSH.Run (strACLCommand2 , 0, True)
return = objWSH.Run (strACLCommand3 , 0, True)
End Function
Function ApplyUserFolderPermissions (strUserna me)
strFolderNameDelete = UCase(Right(strFolderName, 6))
If strFolderNameDelete <> " in AD" Then
strACLCommand = "cmd /c echo y| CACLS "
strACLCommand = strACLCommand & strFolderName
strACLCommand = strACLCommand & " /e /t /g " & chr(34) & strUserName & chr(34) & ":C"
Set objWSH = CreateObject("WScript.Shel l")
return = objWSH.Run(strACLCommand,0 ,True)
Select Case return
Case "1332"
strQuery = "Select * From Win32_Directory Where Name = 'f:\\users\\" & strUserName & "'"
Set colFolders = objWMIService.ExecQuery(st rQuery)
For Each objFolder in colFolders
strNewName = strFolderName & " - User Account could not be found in AD"
errResults = objFolder.Rename(strNewNam e)
If errResults <> "0" Then
WScript.Echo "The folder - " & Chr(34) & strFolderName & Chr(34) & " - cannot be renamed because there is a file in use."
Else
WScript.Echo "Folder renamed to " & Chr(34) & strNewName & Chr(34) & "."
strFolderName = strNewName
End If
Next
Case "5"
WScript.Echo "You do not have access to change permissions on " & Chr(34) & strFolderName & Chr(34) & ". Please manually take ownership and adjust."
Case "0"
Wscript.Echo UCASE(strUserName) & " has been given MODIFY access to " & Chr(34) & strFolderName & Chr(34)
Case Else
WScript.Echo "Something else is going wrong! I don't know what it is!"
End Select
Else
WScript.Echo Chr(34) & strFolderName & Chr(34) & " is already marked to be deleted"
End If
End Function
Run the script from within a script editor such as PrimalScript so the output is displayed on screen and not in message boxes. alternatively, run the script from under cscript.
Dim arrFolders()
Dim strUserName
intSize = 0
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set objShell = WScript.CreateObject("WScr
strFolderName = "f:\users"
strTopLevelFolder = "f:\users"
Set colSubfolders = objWMIService.ExecQuery("A
ReDim Preserve arrFolders(intSize)
arrFolders(intSize) = strFolderName
intSize = intSize + 1
ApplyFolderStructurePermis
For Each objFolder in colSubfolders
GetSubFolders strFolderName
Next
Sub GetSubFolders(strFolderNam
Set colSubfolders2 = objWMIService.ExecQuery("A
For Each objFolder2 In colSubfolders2
strFolder = Mid(objFolder2.Name,9)
strFolderName = objFolder2.Name
ReDim Preserve arrFolders(intSize)
arrFolders(intSize) = strFolderName
strUserName = strFolder
ApplyUserFolderPermissions
intSize = intSize + 1
Next
End Sub
Function ApplyFolderStructurePermis
strACLCommand = "cmd /c echo y| CACLS "
strACLCommand = strACLCommand & strTopLevelFolder
strACLCommand2 = strACLCommand & " /e /t /g " & chr(34) & "System" & chr(34) & ":F"
strACLCommand3 = strACLCommand & " /e /t /g " & chr(34) & "Domain Admins" & chr(34) & ":F"
Set objWSH = CreateObject("WScript.Shel
return = objWSH.Run (strACLCommand1 , 0, True)
return = objWSH.Run (strACLCommand2 , 0, True)
return = objWSH.Run (strACLCommand3 , 0, True)
End Function
Function ApplyUserFolderPermissions
strFolderNameDelete = UCase(Right(strFolderName,
If strFolderNameDelete <> " in AD" Then
strACLCommand = "cmd /c echo y| CACLS "
strACLCommand = strACLCommand & strFolderName
strACLCommand = strACLCommand & " /e /t /g " & chr(34) & strUserName & chr(34) & ":C"
Set objWSH = CreateObject("WScript.Shel
return = objWSH.Run(strACLCommand,0
Select Case return
Case "1332"
strQuery = "Select * From Win32_Directory Where Name = 'f:\\users\\" & strUserName & "'"
Set colFolders = objWMIService.ExecQuery(st
For Each objFolder in colFolders
strNewName = strFolderName & " - User Account could not be found in AD"
errResults = objFolder.Rename(strNewNam
If errResults <> "0" Then
WScript.Echo "The folder - " & Chr(34) & strFolderName & Chr(34) & " - cannot be renamed because there is a file in use."
Else
WScript.Echo "Folder renamed to " & Chr(34) & strNewName & Chr(34) & "."
strFolderName = strNewName
End If
Next
Case "5"
WScript.Echo "You do not have access to change permissions on " & Chr(34) & strFolderName & Chr(34) & ". Please manually take ownership and adjust."
Case "0"
Wscript.Echo UCASE(strUserName) & " has been given MODIFY access to " & Chr(34) & strFolderName & Chr(34)
Case Else
WScript.Echo "Something else is going wrong! I don't know what it is!"
End Select
Else
WScript.Echo Chr(34) & strFolderName & Chr(34) & " is already marked to be deleted"
End If
End Function
oh and if the folder name (aka username) is not found in AD it will throw back messages to you and rename the folder to include on the end "- User Account not found in AD"
ASKER
Thanks Shift - have tried this but it does not work... what have I done wrong ?
it results in:
done: 0 modiefied: 0 failed: 0 syntax errors: 0
@echo off
setlocal
REM The directory containing the home folders.
set homeroot=\\zeus1\f$\Users\ student\20 12
REM Your domain name
set dom=meolscophigh
pushd "%homeroot%"
for /F "tokens=*" %%G in ('dir /A:D /B') do (
subinacl /file %homeroot%\%%G /setowner="%dom%\%%G"
)
popd
endlocal
REM back to top
it results in:
done: 0 modiefied: 0 failed: 0 syntax errors: 0
@echo off
setlocal
REM The directory containing the home folders.
set homeroot=\\zeus1\f$\Users\
REM Your domain name
set dom=meolscophigh
pushd "%homeroot%"
for /F "tokens=*" %%G in ('dir /A:D /B') do (
subinacl /file %homeroot%\%%G /setowner="%dom%\%%G"
)
popd
endlocal
REM back to top
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd
Note that you may need to change NTFS permissions in addition to ownership.
@echo off
setlocal
REM The directory containing the home folders.
set homeroot=F:\Users
REM Your domain name
set dom=yourdomain
pushd "%homeroot%"
for /F "tokens=*" %%G in ('dir /A:D /B') do (
echo subinacl /file "%%G" /setowner="%dom%\%%G"
)
popd
endlocal