Solved

What is the best way to reset NTFS Permissions on a directory tree?

Posted on 2008-06-23
7
682 Views
Last Modified: 2012-06-21
Hi
I am having trouble with a directory which should be  accessed by a group of users.
On some of the subdirectories only the owner who copied the documents or made the new directories have access permission.  On other directories the administrator cannot even see the permissions on the directories.  When I try to apply changes to all the subdirectories from the parent I get "access denied" messages.
Could someone walk me through the steps to give "Group A"  read permissions, the owner change permissions  and the administrator permission to view and change security setting and browse folder?

Thanks for your help



0
Comment
Question by:tonitone2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:fishadr
ID: 21845219
The XCacls.exe from Microsoft is pretty good at applying security to folders and files:
http://support.microsoft.com/kb/318754

The following has the examples of different scenario's:
http://technet2.microsoft.com/windowsserver/en/library/2c292829-afb0-4ac0-82e6-aa0f5273f1151033.mspx?mfr=true

You are likely to have to take ownership of all the files and folders yourself then you can apply the changes.
e.g.
xcacls.exe c:\data\Problem_folder /g administrators:o

Then you can apply the permissions that you require
0
 

Author Comment

by:tonitone2
ID: 21845823
Can I use Xcacls.vbs?     and what flags do I use to replace permissions on all files and folders?
/S /T  ?    
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21845926
You can use xcacls.vbs, it has a few more feature but on a server with quite a few files on it is very slow (due to it being a VBScript), the XCACLS.EXE is much faster.

To do all subfolders use the /S /T option
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 

Author Comment

by:tonitone2
ID: 21846170
The xcacls.exe download at microsoft.com delivers an installer for xcacls.vbs
The commmand line  xcacls.vbs c:\data\Problem_folder /g administrators:o delivers an error message.
"Perm entered with /G not valid"
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21846318
With the VBS version just run

xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"

replace Domain\ with the relevant domain name
0
 

Author Comment

by:tonitone2
ID: 21903896
Ok,  that's a start.
but   xcacls.vbs c:\data\Problem_folder /o "Domain\administrators"  will not give ownership to the tree including all files and folder but just the top folder, if I' not mistaken.  If I have to go through and change everthing individually that will take forever.
0
 
LVL 15

Accepted Solution

by:
fishadr earned 250 total points
ID: 21905711
If you add the /S (subdirectories) and /T (traverse diretories) this should apply ownership to all subdirectories.

http://support.microsoft.com/kb/825751
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
removing Exchange from an old windows 2003 DC 8 68
Best practice DHCP migration 7 76
Shadow copies windows server 2003 2 108
windows Server 2003 in 2017 10 109
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question