Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 311
  • Last Modified:

Change permissions Domain Wide on %WinDir%

I work in a windows XP Server 2003 environment. I am wanting to temporarily give all my users permission to edit the %windir% in order to run a batch file within a logon or logoff script to update an .ini file located here. My question is what would be the easiest way to do this? Thanks
0
Jose Rivera-Hernandez
Asked:
Jose Rivera-Hernandez
  • 6
  • 3
1 Solution
 
and235100Commented:
Use cacls (http://www.ss64.com/nt/cacls.html) in a script that you can put out in a GPO, and apply the permissions on the folders that you want...
0
 
and235100Commented:
i.e.

cacls c:\Windows /G <domain>\Everyone:C /C
0
 
Jose Rivera-HernandezAVP of ISAuthor Commented:
I am receiving an invalid arguments error when trying the following on one of my machines from the command line.
cacls c:\windows /G oshq\authenticated users /C
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
and235100Commented:
you need to use "authenticated users" (in quotes)
0
 
Jose Rivera-HernandezAVP of ISAuthor Commented:
Still a no go with cacls c:\windows /G oshq\"authenticated users" /C or cacls c:\windows /G "oshq\authenticated users" /C

Will this only work with single files or will it work with folders? I am looking at the site listed above and it is only referring to individual files. Thanks
0
 
and235100Commented:
Cacls does work for folders - you may need to use %windir% instead of c:\windows
0
 
Jose Rivera-HernandezAVP of ISAuthor Commented:
Still not working, any ideas?
0
 
and235100Commented:
First of all - you need the permission you want to write, i.e. "oshq\authenticated users":R

R Read  
C Change (write)  
F Full Control  
P Change Permissions (special access)  
O Take Ownership (special access)  
X EXecute (special access)  
E REad (Special access)  
W Write (Special access)  
D Delete (Special access)  
 
0
 
and235100Commented:
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now