Solved

Create folders with the same name of the files in a folder and add the security permissions to each folder as per the name of the folder.

Posted on 2008-10-26
15
2,300 Views
Last Modified: 2012-05-05
Hi,

Create folders with the same name of the files in a folder and add the security permissions to each folder as per the name of the folder.
I have files which are the names of employers which needs to be moved to folders created by a script and add the security permissions of invividual folder with the same name. So just that user can access them.

Create folder with same name as the file
Move the file into the created folder
Share the folder (Everyone full acees)
Add the folder name into the security and remove any other user from the security permissions.

Folder name without the extension of the file has to be created.

Regards
Sharath
0
Comment
Question by:bsharath
  • 9
  • 6
15 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 22807825
You didn't mention the security rights, I assume you mean Full for that user?
This should work for you...
for /f %%a in ('dir /b') do call :process %%a

goto :eof
 

:process

set file=%1

set folder=%~n1

set fullpath=%~dpn1

md %folder%

move %file% %folder%

net share %folder%=%fullpath% /grant:Everyone,Full

cacls %fullpath% /t /g %folder%:F

pause

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22808035
Thank U...

I get this

I Created a folder have a txt file as 'New.txt" and when run i get this...

D:\New Folder>for /F %a in ('dir /b') do call :process %a

D:\New Folder>call :process New.txt

D:\New Folder>set file=New.txt

D:\New Folder>set folder=New

D:\New Folder>set fullpath=D:\New Folder\New

D:\New Folder>md New

D:\New Folder>move New.txt New
        1 file(s) moved.

D:\New Folder>net share New=D:\New Folder\New /grant:Everyone,Full
The syntax of this command is:

NET SHARE
sharename
          sharename=drive:path [/GRANT:user,[READ | CHANGE | FULL]]
                               [/USERS:number | /UNLIMITED]
                               [/REMARK:"text"]
                               [/CACHE:Manual | Documents| Programs | None ]
          sharename [/USERS:number | /UNLIMITED]
                    [/REMARK:"text"]
                    [/CACHE:Manual | Documents | Programs | None]
          {sharename | devicename | drive:path} /DELETE
          sharename \\computername /DELETE


D:\New Folder>cacls D:\New Folder\New /t /g New:F

 NOTE: Cacls is now deprecated, please use Icacls.

 Displays or modifies access control lists (ACLs) of files

 CACLS filename [/T] [/M] [/L] [/S[:SDDL]] [/E] [/C] [/G user:perm]
                [/R user [...]] [/P user:perm [...]] [/D user [...]]
    filename      Displays ACLs.
    /T            Changes ACLs of specified files in
                  the current directory and all subdirectories.
    /L            Work on the Symbolic Link itself versus the target
    /M            Changes ACLs of volumes mounted to a directory
    /S            Displays the SDDL string for the DACL.
    /S:SDDL       Replaces the ACLs with those specified in the SDDL string
                  (not valid with /E, /G, /R, /P, or /D).
    /E            Edit ACL instead of replacing it.
    /C            Continue on access denied errors.
    /G user:perm  Grant specified user access rights.
                  Perm can be: R  Read
                               W  Write
                               C  Change (write)
                               F  Full control
    /R user       Revoke specified user's access rights (only valid with /E).
    /P user:perm  Replace specified user's access rights.
                  Perm can be: N  None
                               R  Read
                               W  Write
                               C  Change (write)
                               F  Full control
    /D user       Deny specified user access.
 Wildcards can be used to specify more that one file in a command.
 You can specify more than one user in a command.

 Abbreviations:
    CI - Container Inherit.
         The ACE will be inherited by directories.
    OI - Object Inherit.
         The ACE will be inherited by files.
    IO - Inherit Only.
         The ACE does not apply to the current file/directory.
    ID - Inherited.
         The ACE was inherited from the parent directory's ACL.

D:\New Folder>pause
Press any key to continue . . .
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 22808041
I didn't account for spaces in the folder name - sorry.
Try this:
for /f %%a in ('dir /b') do call :process %%a

goto :eof

 

:process

set file=%1

set folder=%~n1

set fullpath="%~dpn1"

md %folder%

move %file% %folder%

net share %folder%=%fullpath% /grant:Everyone,Full

cacls %fullpath% /t /g %folder%:F

pause

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22808046
Where should i enter the folder path which needs to be queried. I tried having the bat file in the same folder as the files but the bat also is moved...
0
 
LVL 11

Author Comment

by:bsharath
ID: 22808054
Sorry if this is going to be different for Domain Users...
I have the file names as Domain Ntlogins
Which need's to be moved then shared and given access to the user from the Domain with User full access.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 22808161
Try this
cd /d D:\TestFolder

Set Domain=YourDomain

for /f %%a in ('dir /b') do call :process %%a

goto :eof

 

:process

set file=%1

set folder=%~n1

set fullpath="%~dpn1"

md %folder%

move %file% %folder%

net share %folder%=%fullpath% /grant:Everyone,Full

cacls %fullpath% /t /g %domain%\%folder%:F

pause

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22808180
Thank U...
Am out of Domain reach now shall check and get back...
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 11

Author Comment

by:bsharath
ID: 22819928
This worked perfect but want the Domain\Administrator to be in the security of every folder i create a share. Or i am not able to get into the folders i created.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22819929
This worked perfect but want the Domain\Administrator to be in the security of every folder i create a share. Or i am not able to get into the folders i created.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 22820922
just drop any other account(s) in there...like this:
(probably a good idea to keep SYSTEM account access too)
and send a 'y' for confirming the cacls change...
cd /d D:\TestFolder

Set Domain=YourDomain

for /f %%a in ('dir /b') do call :process %%a

goto :eof

 

:process

set file=%1

set folder=%~n1

set fullpath="%~dpn1"

md %folder%

move %file% %folder%

net share %folder%=%fullpath% /grant:Everyone,Full

echo y|cacls %fullpath% /t /g %domain%\%folder%:F %domain%\Administrator SYSTEM:F

pause

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22821003
I get this

C:\TestFolder>echo y  | cacls "C:\TestFolder\Sharathr" /t /g development\Sharath:F development\Administrator SYSTEM:F
Invalid arguments.Displays or modifies access control lists (ACLs) of files
0
 
LVL 11

Author Comment

by:bsharath
ID: 22821004
I get this

C:\TestFolder>echo y  | cacls "C:\TestFolder\Sharathr" /t /g development\Sharath:F development\Administrator SYSTEM:F
Invalid arguments.Displays or modifies access control lists (ACLs) of files
0
 
LVL 67

Accepted Solution

by:
sirbounty earned 500 total points
ID: 22821021
Sorry, each should have a :F for Full access...that's what you need, right?
cd /d D:\TestFolder

Set Domain=YourDomain

for /f %%a in ('dir /b') do call :process %%a

goto :eof

 

:process

set file=%1

set folder=%~n1

set fullpath="%~dpn1"

md %folder%

move %file% %folder%

net share %folder%=%fullpath% /grant:Everyone,Full

echo y|cacls %fullpath% /t /g %domain%\%folder%:F %domain%\Administrator:F SYSTEM:F

pause

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22838645
This was a Awesome help thank you worked perfect....
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 22839700
Happy to help - thanx for the grade! :^)
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have published numerous articles here at Experts Exchange that present programs/scripts written in a language called AutoHotkey. Each of those articles has a brief paragraph describing where to download the product and how to install it. I have al…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now