• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 447
  • Last Modified:

GPO ... give permissions to a specified directory

Hello there.

I'm fairly new to GPO and such like - I don't use them as fully as I should, however, I have a problem that if it could be solved by GPO, would make my life so much easier.

Basically, i've inherited an application that at various points, deletes all from the local machine directory 'WINDOWS/Temp' ... unless the user has permissions on this directory, an error occurs.

I would therefore like to assign delete permissions to all people in the OU to this local machine directory ...

Is this possible in GPO ?

Thanks,

S.S.
0
SpencerSteel
Asked:
SpencerSteel
1 Solution
 
luv2smileCommented:
There isn't a specific GPO setting to do this, but you could write a script that would do this and then deploy the script via GPO.
0
 
ColinRoydsCommented:
agreed with luv2smile
0
 
SpencerSteelAuthor Commented:
I could.

If I knew how.

*hangs head in shame*

S.S.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
oBdACommented:
You actually *can* do that with a (computer) GPO.
Create a new GPO (or use an existing one) for your client machines (this is a computer policy, not a user policy).
Edit the policy, go to "Computer Configuration\Windows settings\Security settings\File system".
Right-click the "File System" folder, choose "New File".
Browse to C:\Windows\Temp, click OK ("C:\Windows" will be replaced by "%Systemroot%" automatically). In the next window, change the security settings for "Users" (or add a dedicated group) as you would when directly editing an ACL. In the next window, choose how the permissions should be set, and you're done.
Note that this will replace "custom made" permissions on the folder you added.
0
 
SpencerSteelAuthor Commented:
wow - i just had written my script using CACLS, and was going to push that out ... but your answer is great ! That is really useful - thanks so much - I thought there would be a 'smart' way ...

Sorry guys, but that gets the 500 points !

S.S.
0
 
luv2smileCommented:
I learn something new everyday...did not know that one :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Tackle projects and never again get stuck behind a technical roadblock.
Join Now