Solved

change sharing and permissions for a large number folders using cscript

Posted on 2006-11-21
9
517 Views
Last Modified: 2013-12-04
I have a small issue with changing the permissions on the user folders during a server upgrade.
We are replacing several older 2003 based servers with new and larger systems. During the upgrade process we use a program
called double-take to replicate the data from one system to another overnight. I am left with only several small issues. The user directory
that is brought over needs all its user folders shared and the permissions for "everyone" changed to full control. Since there are over 300 users this is a lot of clicking to perform manually. Is there a utility to perform this change or a cscript to automate the process.

Someone mentioned a command under adsi that worked.

Above assistance is worth 500 points.
0
Comment
Question by:jamespcurran
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 11

Expert Comment

by:KaliKoder
ID: 17988904
Hello Jamespcurran-

I believe the tool you need is a free one and GUI based from Microsoft, its called Fileserver Migration Toolkit.

You can download it for free from MS. A step by step implimentation of what you are wanting to do is described here:

http://thelazyadmin.com/index.php?/archives/203-Using-the-File-Server-Migration-Toolkit.html

Thanks and Good Luck!
0
 

Author Comment

by:jamespcurran
ID: 17989089
The profiles and user directories are copied on a continuous basis by the double-take program. This allows our 24 hr operation to continue and confirms that all the data is up to date during and after the copy. We stop the replication and perform the changeover at the last minute to minimize downtime. The amount of data would be overwelming to copy during 1 night.  we have a 3 hr maximum time to make the changeover. Once we break the replication, the directories, for example the users direcroy, is currently manually changed to share status and the user everyone is givin full control. The Fileserver Migration tool would work but would increase the latenight folder copy. We really need a quick script or tool to 1. change each folder to shared and 2. give the user everyone full control.

0
 
LVL 11

Expert Comment

by:KaliKoder
ID: 17989203
Ah ok!

You can use XCACLS utility to script this. Its a free one from Microsoft available at:
http://support.microsoft.com/?id=825751

Some examples and usage explained at:
http://www.ss64.com/nt/xcalcs.html

I would try and find an example of what exactly would fit your scenario, regarding sharing folders. But in the meanwhile XCACLS would be a good place to start..
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jamespcurran
ID: 17989564
Kalikoder

Thanks I will try the utility. It looks like this will change the security setting of Everyone in the user directories but not turn on the share. Will it also work on Multiple folders???
0
 

Author Comment

by:jamespcurran
ID: 17989820
Tried the XCACLS and found Three Issues.

1. Does not turn on Sharing Feature
2. Will give Full control to multiple folders to Everyone but under security not under Shared permissions
3. Give a sort error.

Don't think this will work. Also tried an older program cacls with same results.

I thinks we need to turn the share on for wach folder and then go thru on another pass to change permissions on the shared folder.

0
 
LVL 11

Expert Comment

by:KaliKoder
ID: 17989904
Yes, I believe it would be a two step process. First you would create the shares, next assign the NTFS permissions. To create the shares you can use the "net share" command (use net share /? to get help). However I still have not figured how to change share permissions using command line:

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=0063

Still researching

0
 
LVL 11

Expert Comment

by:KaliKoder
ID: 17990011
Actually this article does suggest using a template for assigning share permissions, you can use a combination of RMTSHARE.exe and PERMCOPY.exe. RMTSHARE.exe might do what you want.

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=6353

http://www.windowsitpro.com/Article/ArticleID/14459/14459.html

You can make a batch file to set these up, I have not yet figured how you can "loop" the batch file and pass the name of the folders to it automatically. But basically I have a faint idea. Here is the algoritham

- Do a dir command and output the list of directories to a .txt file Dir > file.txt
- Massage the text file so it only had one directory name per line, nothing else
- Loop a batch file so that it does a RMTShare.exe command and passes the name of the folder to it

Alternatively, you can put one rmtshare.exe command on each line with the name and path of the folder you want to share. Since your folder structure hopefully wont change to much on day today basis, you can keep using the same paths and foldernames. Its only a manual process for the first time, and next times it would be automated. Same concept applies for XCACLS.

Thanks and Good Luck!

 
0
 

Author Comment

by:jamespcurran
ID: 17990676
C:\users>rmtshare \\cmsweb5\user1=C:\users\user1 /grant everyone:f

This worked for a command line change of the share and also the correct user everyone.

This may be possible. I have tried to use * for the user1 folder name on my test bed and the xcacls or rmtshare do not recognize wild cards in any way.

Can you give me some assistance on the batch file and looping function. My brain is very slow today.

this is very close Thanks for the research and hard work.

Jim
0
 
LVL 11

Accepted Solution

by:
KaliKoder earned 500 total points
ID: 17991295
Ok, I have come up with the following please follow this line by line:

- Map a drive to where the user directories are located (lets say R:)

- Open up a command prompt

- Change to the user drive u mapped (R:)

- Do a "Dir /AD > R:\list.txt" this would give you a text file with only user directories listed called list.txt

- Open list.txt file and massage it such that it has only one directory name per line and nothing else eg;

Robert
Tom
Hsimposon
.
.
.
Etc

- Save the list.txt file

- Paste the following in notepad, and make a create.bat file note that from the word for to the :f is a single command, do not include line breaks in it
------------Cut Here--------------
@echo off
set listfile=%~1
for /f "delims=" %%a in ('type "%listfile%"') do rmtshare \\cmsweb5\%%a=C:\users\%%a /grant everyone:f
echo done
pause
-----------Cut Here--------------

- Now from the command prompt in R: drive, run the command "create.bat list.txt"

That should do it. My batch file writing skills are now rusted, I would suggest you try this on a test system first before implimenting into production.

Thanks and Good Luck!
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question