Solved

What is the best way to reset NTFS Permissions on a directory tree?

Posted on 2008-06-23
7
681 Views
Last Modified: 2012-06-21
Hi
I am having trouble with a directory which should be  accessed by a group of users.
On some of the subdirectories only the owner who copied the documents or made the new directories have access permission.  On other directories the administrator cannot even see the permissions on the directories.  When I try to apply changes to all the subdirectories from the parent I get "access denied" messages.
Could someone walk me through the steps to give "Group A"  read permissions, the owner change permissions  and the administrator permission to view and change security setting and browse folder?

Thanks for your help



0
Comment
Question by:tonitone2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:fishadr
ID: 21845219
The XCacls.exe from Microsoft is pretty good at applying security to folders and files:
http://support.microsoft.com/kb/318754

The following has the examples of different scenario's:
http://technet2.microsoft.com/windowsserver/en/library/2c292829-afb0-4ac0-82e6-aa0f5273f1151033.mspx?mfr=true

You are likely to have to take ownership of all the files and folders yourself then you can apply the changes.
e.g.
xcacls.exe c:\data\Problem_folder /g administrators:o

Then you can apply the permissions that you require
0
 

Author Comment

by:tonitone2
ID: 21845823
Can I use Xcacls.vbs?     and what flags do I use to replace permissions on all files and folders?
/S /T  ?    
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21845926
You can use xcacls.vbs, it has a few more feature but on a server with quite a few files on it is very slow (due to it being a VBScript), the XCACLS.EXE is much faster.

To do all subfolders use the /S /T option
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:tonitone2
ID: 21846170
The xcacls.exe download at microsoft.com delivers an installer for xcacls.vbs
The commmand line  xcacls.vbs c:\data\Problem_folder /g administrators:o delivers an error message.
"Perm entered with /G not valid"
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21846318
With the VBS version just run

xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"

replace Domain\ with the relevant domain name
0
 

Author Comment

by:tonitone2
ID: 21903896
Ok,  that's a start.
but   xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"  will not give ownership to the tree including all files and folder but just the top folder, if I' not mistaken.  If I have to go through and change everthing individually that will take forever.
0
 
LVL 15

Accepted Solution

by:
fishadr earned 250 total points
ID: 21905711
If you add the /S (subdirectories) and /T (traverse diretories) this should apply ownership to all subdirectories.

http://support.microsoft.com/kb/825751
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question