• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 686
  • Last Modified:

What is the best way to reset NTFS Permissions on a directory tree?

Hi
I am having trouble with a directory which should be  accessed by a group of users.
On some of the subdirectories only the owner who copied the documents or made the new directories have access permission.  On other directories the administrator cannot even see the permissions on the directories.  When I try to apply changes to all the subdirectories from the parent I get "access denied" messages.
Could someone walk me through the steps to give "Group A"  read permissions, the owner change permissions  and the administrator permission to view and change security setting and browse folder?

Thanks for your help



0
tonitone2
Asked:
tonitone2
  • 4
  • 3
1 Solution
 
fishadrCommented:
The XCacls.exe from Microsoft is pretty good at applying security to folders and files:
http://support.microsoft.com/kb/318754

The following has the examples of different scenario's:
http://technet2.microsoft.com/windowsserver/en/library/2c292829-afb0-4ac0-82e6-aa0f5273f1151033.mspx?mfr=true

You are likely to have to take ownership of all the files and folders yourself then you can apply the changes.
e.g.
xcacls.exe c:\data\Problem_folder /g administrators:o

Then you can apply the permissions that you require
0
 
tonitone2Author Commented:
Can I use Xcacls.vbs?     and what flags do I use to replace permissions on all files and folders?
/S /T  ?    
0
 
fishadrCommented:
You can use xcacls.vbs, it has a few more feature but on a server with quite a few files on it is very slow (due to it being a VBScript), the XCACLS.EXE is much faster.

To do all subfolders use the /S /T option
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
tonitone2Author Commented:
The xcacls.exe download at microsoft.com delivers an installer for xcacls.vbs
The commmand line  xcacls.vbs c:\data\Problem_folder /g administrators:o delivers an error message.
"Perm entered with /G not valid"
0
 
fishadrCommented:
With the VBS version just run

xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"

replace Domain\ with the relevant domain name
0
 
tonitone2Author Commented:
Ok,  that's a start.
but   xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"  will not give ownership to the tree including all files and folder but just the top folder, if I' not mistaken.  If I have to go through and change everthing individually that will take forever.
0
 
fishadrCommented:
If you add the /S (subdirectories) and /T (traverse diretories) this should apply ownership to all subdirectories.

http://support.microsoft.com/kb/825751
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now