Solved

Add a user to the permissions of many folders.

Posted on 2004-10-03
5
231 Views
Last Modified: 2010-05-18
I am trying to do a backup of my small business server 2003, but many folders and files do not even have the Administrator account added under Permissions. The User Files folders were created upon logon by the client machines and it was set to give them exclusive permission to their folders...which was fine, except now I have realized that I cannot do a backup because there is no one user that has access to all folders and files.

Anyway, I've started to troubleshoot this problem by creating a user called "backup" and (trying) to add the account to all folders' permissions. From what I see (making it owner of all folders, adding it to the top-most folder in the folder heirarchy and hoping it would trickle down when i selected giving it access to all folders/files/objects in subfolders) nothing has worked. At best the user was given ownership or access to all folders and files, but the previous permissins were all erased and replaced with only the "backup" user.

No idea what to do...too many folders to add a user to every folder manually and I can't erase permissions and redo them....any ideas?
0
Comment
Question by:tvacc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 12215326
tvacc
If you add the backup user to the Backup Operators group, it should be able to bypass the file security to perform the backup.

If you wish to automate changes to NTFS ACLs then you should take a look at the following commands:
CACLS.EXE
XCACLS.VBS (download from MS)

Cheers

JamesDS
0
 

Author Comment

by:tvacc
ID: 12221731
adding the user to the Backup Operators group does not work, perhaps this is because I am not using the Windows Backup program (using Geniesoft Backup Mananger 5.0).

anyway, i plan on testing the xcacls.vbs script tonight on my test server. i've read through the readme once and i'm a little lost...if i wanted to add one user (named "backup" to permissions on all folders/files on the computer, what would i have to type for the command? very important...the existing permissions and shares for the folders and files cannot be erased. i just want the user added.
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12224440
tvacc
The /E switch edits (IE adds to the ACL) rather then replaces it.

You will need to run a seperate command for each of the folders you wish to edit the ACls for, unless you have the inheritance flag set and have a set of permissions set at the root folder.

The generated list can be put into Excel and the XCACLS commands can be generated from there - then simply paste the column with your generated commands straight into a DOS window and all your commands get run.

I did this for a client recently and it took about 30 minutes to re-ACL an entire 2Tb SAN.

Cheers

JamesDS
0
 

Author Comment

by:tvacc
ID: 12262782
getting this...:

C:\WINDOWS>cscript.exe xcacls.vbs c:\user files 2\*.* /g AMI\backup:f;f /e /t "c
:\xcacls.log"
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Starting XCACLS.VBS (Version: 5.2) Script at 10/8/2004 4:28:41 PM

Startup directory:
"C:\WINDOWS"

Arguments Used:
        Filename = "c:\user"


Error: Invalid flag files.
Please check the input and try again.



Operation Complete
Elapsed Time: 0 seconds.
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 12265595
tvacc
c:\user files 2\*.* needs to be in quotes as it has a space in it: "c:\user files 2\*.*"

Cheers

JamesDS
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question