• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 231
  • Last Modified:

Directory Structure Question

I'm working on a little project where we're trying to have some sort of structure to a drive letter that's being shared to the domain users.
As an example, here's the structure that we have:  
G:\01\01060\20050341\etc.
      ^       ^           ^
      |        |            |
      |        |           Third Level
      |       Second Level
     First Level

The first level: G:\01\xxxx\xxxx\xxx is supposed to be read only to the domain users.  They don't have any write/change/delete rights to this level of the tree.   (Note:  In the first tree level, there are 26 folders corresponding to the alphabet)

The second level G:\XX\01060\XXXX\XXXX\etc has essentially the same rights and restrictions as its parent folder.

The third level, G:\xx\xxxxx\20050341\etc. is where the domain users have the ability of creating folders, and files within them.  They are allowed to delete files, but not the folders.  Requests to the domain admins has to be made in order to delete the folders.

Where it gets tricky for me is I have to apply all the rules to all the folders within the first two levels of folders (which are already in place.  First level stuff is set since it corresponds with the alphabet; Second level is set right now, but potentially needs new folders in the future with the same rights as its sister folders in place).  

What I'm fearing is that there is no dynamic way that the folders and their security rights will be implemented every time a new folder is created.

Basically, my main question is the above mentioned structure even possible?  And as a bonus to my question, is it implementable in a dynamic way where Folders added on the second tree level will have the rights assigned automatically?

I know this post is rather confusing since I'm at a loss for words in describing the issue, so please post questions you may have :)

Thanks!
0
bscny
Asked:
bscny
1 Solution
 
chingmdCommented:
Hmm My first thought is some script to create the folder.  
But then to ensure permissions are set properly.

xcacls.exe is a command line tool that gives you the ability to change the acls on folders and files.

http://www.microsoft.com/downloads/details.aspx?FamilyID=0ad33a24-0616-473c-b103-c35bc2820bda&DisplayLang=en

This is the download page.  It also has instruction on where to look for the usage instructions.

Then, you could automate the task with a scheduled task, or train the admins to use a particular command line for creating a folder.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now