Add a user to the permissions of many folders.

I am trying to do a backup of my small business server 2003, but many folders and files do not even have the Administrator account added under Permissions. The User Files folders were created upon logon by the client machines and it was set to give them exclusive permission to their folders...which was fine, except now I have realized that I cannot do a backup because there is no one user that has access to all folders and files.

Anyway, I've started to troubleshoot this problem by creating a user called "backup" and (trying) to add the account to all folders' permissions. From what I see (making it owner of all folders, adding it to the top-most folder in the folder heirarchy and hoping it would trickle down when i selected giving it access to all folders/files/objects in subfolders) nothing has worked. At best the user was given ownership or access to all folders and files, but the previous permissins were all erased and replaced with only the "backup" user.

No idea what to do...too many folders to add a user to every folder manually and I can't erase permissions and redo them....any ideas?
tvaccAsked:
Who is Participating?
 
JamesDSConnect With a Mentor Commented:
tvacc
c:\user files 2\*.* needs to be in quotes as it has a space in it: "c:\user files 2\*.*"

Cheers

JamesDS
0
 
JamesDSCommented:
tvacc
If you add the backup user to the Backup Operators group, it should be able to bypass the file security to perform the backup.

If you wish to automate changes to NTFS ACLs then you should take a look at the following commands:
CACLS.EXE
XCACLS.VBS (download from MS)

Cheers

JamesDS
0
 
tvaccAuthor Commented:
adding the user to the Backup Operators group does not work, perhaps this is because I am not using the Windows Backup program (using Geniesoft Backup Mananger 5.0).

anyway, i plan on testing the xcacls.vbs script tonight on my test server. i've read through the readme once and i'm a little lost...if i wanted to add one user (named "backup" to permissions on all folders/files on the computer, what would i have to type for the command? very important...the existing permissions and shares for the folders and files cannot be erased. i just want the user added.
0
 
JamesDSCommented:
tvacc
The /E switch edits (IE adds to the ACL) rather then replaces it.

You will need to run a seperate command for each of the folders you wish to edit the ACls for, unless you have the inheritance flag set and have a set of permissions set at the root folder.

The generated list can be put into Excel and the XCACLS commands can be generated from there - then simply paste the column with your generated commands straight into a DOS window and all your commands get run.

I did this for a client recently and it took about 30 minutes to re-ACL an entire 2Tb SAN.

Cheers

JamesDS
0
 
tvaccAuthor Commented:
getting this...:

C:\WINDOWS>cscript.exe xcacls.vbs c:\user files 2\*.* /g AMI\backup:f;f /e /t "c
:\xcacls.log"
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Starting XCACLS.VBS (Version: 5.2) Script at 10/8/2004 4:28:41 PM

Startup directory:
"C:\WINDOWS"

Arguments Used:
        Filename = "c:\user"


Error: Invalid flag files.
Please check the input and try again.



Operation Complete
Elapsed Time: 0 seconds.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.