 asked on Script when run on a local machine has to check each share and change the permission of all users and groups not to have full ownership.
Hi,
Script when run on a local machine has to check each share and change the permission of all users and groups not to have full ownership.
What i mean is.
Say a user has full permissions on a folder in a remote machine. he can change like add user to the share from his machine on the remote machine. I want to remote those powers. Not sure on how to do it. Can we have a script that can check all the 100's of shares that i have in the machine and do that change for all the shares except 1 group.
i have the group name as "Nas Admin" only this has to have all the powers and change any other even the Administrator should not have permissions.
Regards
Sharath
Script when run on a local machine has to check each share and change the permission of all users and groups not to have full ownership.
What i mean is.
Say a user has full permissions on a folder in a remote machine. he can change like add user to the share from his machine on the remote machine. I want to remote those powers. Not sure on how to do it. Can we have a script that can check all the 100's of shares that i have in the machine and do that change for all the shares except 1 group.
i have the group name as "Nas Admin" only this has to have all the powers and change any other even the Administrator should not have permissions.
Regards
Sharath
@ECHO on
SETLOCAL ENABLEDELAYEDEXPANSION
Set CSVFile=C:\EveryoneShareSecurity.csv
IF NOT EXIST "%CSVFile%" ECHO "Machine Name","Share Name","Share/Security Info">"%CSVFile%"
for /F %%a in (C:\Computers.txt) do CALL :PROCESS %%a
GOTO :EOF
:PROCESS
for /f "tokens=1 delims=:" %%a in ('rmtshare \\%1^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND /v /i "Printer drivers" ^| FIND ":"') DO (
set Share=%%a
set Share=!Share:~0,-2!
For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
Set EveryoneSharePerm=
RMTSHARE \\%1\"!Share!" | find /i "\everyone" | find /i "FULL CONTROL"
IF NOT ERRORLEVEL 1 Set EveryoneSharePerm=Writeable
if not defined EveryoneSharePerm (
RMTSHARE \\%1\"!Share!" | find /i "\everyone" | find /i "CHANGE"
IF NOT ERRORLEVEL 1 Set EveryoneSharePerm=Writeable
)
IF DEFINED EveryoneSharePerm (
ECHO "%1","!Share!","Share permissions for everyone is writeable">>"%CSVFile%"
ECHO "%1","!Share!","Changing everyone share permmissions to read">>"%CSVFile%"
RMTSHARE \\%1\"!Share!" /grant everyone:R
RMTSHARE \\%1\"!Share!" | find /i "everyone" | find /i "READ"
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed everyone share permissions to read">>"%CSVFile%"
Set EveryoneSharePerm=
) ELSE (
ECHO "%1","!Share!","Error occurred while Changing everyone share permissions to read">>"%CSVFile%"
)
)
Set EveryoneSecurityPerm=
FOR /f "tokens=1,*" %%b in ('rmtshare \\%1\"!Share!" ^| FIND /i "Path"') DO (
Set SharePath=%%c
Set SharePath=!SharePath::=$!
cacls "\\%1\!SharePath!" | find /i "everyone" | findstr /e /i /c:"F "
IF NOT ERRORLEVEL 1 Set EveryoneSecurityPerm=Writeable
IF NOT DEFINED EveryoneSecurityPerm (
cacls "\\%1\!SharePath!" | find /i "everyone" | findstr /e /i /c:"C "
IF NOT ERRORLEVEL 1 Set EveryoneSecurityPerm=Writeable
)
IF DEFINED EveryoneSecurityPerm (
ECHO "%1","!Share!","Security everyone is writeable">>"%CSVFile%"
ECHO "%1","!Share!","Changing everyone security to read">>"%CSVFile%"
cacls "\\%1\!SharePath!" /e /t /p everyone:R
cacls "\\%1\!SharePath!" | find /i "everyone" | findstr /e /i /c:"R "
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed everyone security to read">>"%CSVFile%"
Set EveryoneSecurityPerm=
) ELSE (
ECHO "%1","!Share!","Error occurred while Changing everyone security to read">>"%CSVFile%"
)
)
)
IF DEFINED EveryoneSharePerm IF DEFINED EveryoneSecurityPerm ECHO "%1","!Share!","Share/Security permissions for everyone is writeable">>"%CSVFile%"
)
Programming Languages-OtherScripting LanguagesVB Script
Last Comment
bsharath
I would have to test but I think removing FULL CONTROL and give the MODIFY rights should fix the user granting another user rights. Â But there is also the Ownership aspect that would need to be removed.
ASKER
Ya i think so.
But this should exclude doing anything to one group called 'Nas Admin"
But this should exclude doing anything to one group called 'Nas Admin"
The share permissions &Â NTFS permissions would need to have Nas Admins FULL CONTROL for every share or leave Everyone FULL CONTROL on the share permission and READ on the NTFS permission.
Do you already have Nas Admins FULL CONTROL for share &Â NTFS permissions?
Do you already have Nas Admins FULL CONTROL for share &Â NTFS permissions?
ASKER
Hi AT
I already have 'Nas Admin" in both Share and security.
if its not there can i get them logged in a txt file.
Change all the other users and groups just remove full control
So they cannot do any additions from there machines to the server shares.
I already have 'Nas Admin" in both Share and security.
if its not there can i get them logged in a txt file.
Change all the other users and groups just remove full control
So they cannot do any additions from there machines to the server shares.
If it's not there we should add it before modifying the users permissions just in case you lose it.
ASKER
yes you are right we will need to add them or else i will not have permissions myself... :-(
ASKER
Any luck on this
Sorry just haven't had time yet.
ASKER
Any luck this week :-)
ASKER
ASKER
Any views on this.
OK.
Try this out.
Will check for groups that have share permissions.
Groups that only have security permissions are not modified.
Try this out.
Will check for groups that have share permissions.
Groups that only have security permissions are not modified.
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
Set Admin=NAS Admins
Set CSVFile=C:\ChangeShareSecurityOnly.csv
IF NOT EXIST "%CSVFile%" ECHO "Machine Name","Share Name","Share/Security Info">"%CSVFile%"
for /F %%a in (C:\Computers.txt) do CALL :PROCESS %%a
GOTO :EOF
:PROCESS
for /f "tokens=1 delims=:" %%a in ('rmtshare \\%1^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND /v /i "Printer drivers" ^| FIND ":"') DO (
set Share=%%a
set Share=!Share:~0,-2!
For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
RMTSHARE \\%1\"!Share!" | find /i "\%Admin%" | find /i "FULL CONTROL"
IF ERRORLEVEL 1 (
ECHO "%1","!Share!","Changing permissions for %Admin% to FULL access">>"%CSVFile%"
RMTSHARE \\%1\"!Share!" /grant "%Admin%":F
RMTSHARE \\%1\"!Share!" | find /i "%Admin%" | find /i "FULL"
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed %Admin% share permissions to FULL access">>"%CSVFile%"
) ELSE (
ECHO "%1","!Share!","Error occurred while Changing %Admin% share permissions to FULL access">>"%CSVFile%"
)
)
Set AdminSecurityPerm=
FOR /f "tokens=1,*" %%b in ('rmtshare \\%1\"!Share!" ^| FIND /i "Path"') DO (
Set SharePath=%%c
Set SharePath=!SharePath::=$!
cacls "\\%1\!SharePath!" | find /i "%Admin%" | findstr /e /i /c:"F "
IF NOT ERRORLEVEL 1 Set AdminSecurityPerm=Writeable
IF NOT DEFINED AdminSecurityPerm (
ECHO "%1","!Share!","Security Group %Admin% is not FULL access">>"%CSVFile%"
ECHO "%1","!Share!","Changing %Admin% security to FULL access">>"%CSVFile%"
cacls "\\%1\!SharePath!" /e /t /p "%Admin%":F
cacls "\\%1\!SharePath!" | find /i "%Admin%" | findstr /e /i /c:"F "
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed %Admin% security to FULL access">>"%CSVFile%"
Set AdminSecurityPerm=
) ELSE (
ECHO "%1","!Share!","Error occurred while Changing %Admin% security to FULL access">>"%CSVFile%"
)
)
)
FOR /f "Skip=6 Tokens=1 delims=:" %%b in ('RMTSHARE \\0012620-SXP\"!Share!" ^| FIND /v /i "The command completed successfully."') do (
Set Group=%%b
For /l %%z in (1,1,30) DO if "!Group:~-1!" == " " Set Group=!Group:~0,-1!
For /l %%z in (1,1,30) DO if "!Group:~0,1!" == " " Set Group=!Group:~1!
ECHO !Group!
Set GroupSharePerm=
RMTSHARE \\%1\"!Share!" | find /i "!Group!" | find /i "FULL CONTROL"
IF NOT ERRORLEVEL 1 Set GroupSharePerm=FULL
if not defined GroupSharePerm (
RMTSHARE \\%1\"!Share!" | find /i "!Group!" | find /i "CHANGE"
IF NOT ERRORLEVEL 1 Set GroupSharePerm=CHANGE
)
if not defined GroupSharePerm (
RMTSHARE \\%1\"!Share!" | find /i "!Group!" | find /i "READ"
IF NOT ERRORLEVEL 1 Set GroupSharePerm=READ
)
echo !Group! | FIND /i "%Admin%"
IF ERRORLEVEL 1 IF "!GroupSharePerm!" == "FULL" (
ECHO "%1","!Share!","Share permissions for !Group! is FULL access">>"%CSVFile%"
ECHO "%1","!Share!","Changing !Group! share permmissions to CHANGE access">>"%CSVFile%"
RMTSHARE \\%1\"!Share!" /grant "!Group!":C
RMTSHARE \\%1\"!Share!" | find /i "!Group!" | find /i "CHANGE"
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed !Group! share permissions to CHANGE access">>"%CSVFile%"
Set GroupSharePerm=CHANGE
) ELSE (
ECHO "%1","!Share!","Error occurred while changing !Group! share permissions to CHANGE access">>"%CSVFile%"
)
)
IF "!Group:~0,1!"=="\" Set Group=!Group:~1!
Set GroupSecurityPerm=
FOR /f "tokens=1,*" %%b in ('rmtshare \\%1\"!Share!" ^| FIND /i "Path"') DO (
Set SharePath=%%c
Set SharePath=!SharePath::=$!
cacls "\\%1\!SharePath!" | find /i "!Group!" | findstr /e /i /c:"F "
IF NOT ERRORLEVEL 1 Set GroupSecurityPerm=FULL
IF NOT DEFINED GroupSecurityPerm (
cacls "\\%1\!SharePath!" | find /i "!Group!" | findstr /e /i /c:"C "
IF NOT ERRORLEVEL 1 Set GroupSecurityPerm=CHANGE
)
IF NOT DEFINED GroupSecurityPerm (
cacls "\\%1\!SharePath!" | find /i "!Group!" | findstr /e /i /c:"R "
IF NOT ERRORLEVEL 1 Set GroupSecurityPerm=READ
)
echo !Group! | FIND /i "%Admin%"
IF ERRORLEVEL 1 IF "!GroupSecurityPerm!" == "FULL" (
ECHO "%1","!Share!","Security !Group! is !GroupSecurityPerm! access">>"%CSVFile%"
ECHO "%1","!Share!","Changing !Group! security to CHANGE access">>"%CSVFile%"
cacls "\\%1\!SharePath!" /e /t /p "!Group!":C
cacls "\\%1\!SharePath!" | find /i "!Group!" | findstr /e /i /c:"C "
IF NOT ERRORLEVEL 1 (
ECHO "%1","!Share!","Successfully changed !Group! security to CHANGE access">>"%CSVFile%"
Set GroupSecurityPerm=CHANGE
) ELSE (
ECHO "%1","!Share!","Error occurred while changing !Group! security to CHANGE access">>"%CSVFile%"
)
)
)
IF DEFINED GroupSharePerm IF DEFINED GroupSecurityPerm ECHO "%1","!Share!","!Group! has Share permissions=!GroupSharePerm! Security permissions=!GroupSecurityPerm!">>"%CSVFile%"
)
)
ASKER
AT Thanks
Will the permissions be changed for all groups in Share and permissions.Will this script just log the data or does the changes?
Will the permissions be changed for all groups in Share and permissions.Will this script just log the data or does the changes?
It will do the changes if the group not "NAS Admin" is set to FULL.
ASKER
Will i get a log that shows what has been done.
Does it even change the poermissions of all users and groups in the shares in both Share permission and security.?
Why i ask is i will be doing it on a 500 Shares Nas machine...:-)
Does it even change the poermissions of all users and groups in the shares in both Share permission and security.?
Why i ask is i will be doing it on a 500 Shares Nas machine...:-)
ASKER
Will i get a log that shows what has been done.
Does it even change the poermissions of all users and groups in the shares in both Share permission and security.?
Why i ask is i will be doing it on a 500 Shares Nas machine...:-)
Does it even change the poermissions of all users and groups in the shares in both Share permission and security.?
Why i ask is i will be doing it on a 500 Shares Nas machine...:-)
Users or groups that have share permissions.
Users or groups that only have security permissions only are untouched.
All activity is logged in
Set CSVFile=C:\ChangeShareSecu
Users or groups that only have security permissions only are untouched.
All activity is logged in
Set CSVFile=C:\ChangeShareSecu
ASKER
I get this
Account NAS Admin is not found.
The command failed: 1788
The trust relationship between the primary domain and the trusted domain failed.
In the csv i get this
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Changing permissions for NAS Admin to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Error occurred while Changing NAS Admin share permissions to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Security Group NAS Admin is not FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Changing NAS Admin security to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Error occurred while Changing NAS Admin security to FULL access
Account NAS Admin is not found.
The command failed: 1788
The trust relationship between the primary domain and the trusted domain failed.
In the csv i get this
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Changing permissions for NAS Admin to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Error occurred while Changing NAS Admin share permissions to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Security Group NAS Admin is not FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Changing NAS Admin security to FULL access
Dev-nas01 Â Â Â Â Â LE22 Â Â Â Â Â Error occurred while Changing NAS Admin security to FULL access
Can you add the domain to this line?
Set Admin=Domain\NAS Admins
Set Admin=Domain\NAS Admins
ASKER
I get this
Account development\NAS Admin is not found.
The command failed: 1332
No mapping between account names and security IDs was done.
nas Admin is a group will that be a problem.?
Account development\NAS Admin is not found.
The command failed: 1332
No mapping between account names and security IDs was done.
nas Admin is a group will that be a problem.?
Hmm...
try:
dsquery group -name "NAS Admin" | dsget group -samid
try:
dsquery group -name "NAS Admin" | dsget group -samid
Or just this first to see if it can find NAS Admin.
dsquery group -name "NAS Admin"
dsquery group -name "NAS Admin"
ASKER
Sorry AT the group name is
Nas_Admin now i get all as successfull but could not find a difference in the shares. Can you tell me what the script does.
Gives full permissions to Nas_Admin group in both Share and security. If not there then add's the group.
Does it change the other users &Â groups permissions ?
Nas_Admin now i get all as successfull but could not find a difference in the shares. Can you tell me what the script does.
Gives full permissions to Nas_Admin group in both Share and security. If not there then add's the group.
Does it change the other users &Â groups permissions ?
ASKER
Sorry AT the group name is
Nas_Admin now i get all as successfull but could not find a difference in the shares. Can you tell me what the script does.
Gives full permissions to Nas_Admin group in both Share and security. If not there then add's the group.
Does it change the other users &Â groups permissions ?
Nas_Admin now i get all as successfull but could not find a difference in the shares. Can you tell me what the script does.
Gives full permissions to Nas_Admin group in both Share and security. If not there then add's the group.
Does it change the other users &Â groups permissions ?
It only takes the Groups or Users who have Share permissions. If the Share or NTFS security permissions for the group or user is FULL it changes it to CHANGE. READ will stay READ and CHANGE will stay CHANGE.
All extra users or groups in NTFS security are not checked.
All extra users or groups in NTFS security are not checked.
ASKER
Ok...
Say i have a folder called
Products
Thers are 3 groups in both share and security and 1 user
Nas_Admin (Full access)
Products-SGR (REad access)
Products-SGW (Full access)
Sharath (Full access)
Now what will the changes be.
Why i ask is i could not find any changes being made... :-(
Say i have a folder called
Products
Thers are 3 groups in both share and security and 1 user
Nas_Admin (Full access)
Products-SGR (REad access)
Products-SGW (Full access)
Sharath (Full access)
Now what will the changes be.
Why i ask is i could not find any changes being made... :-(
ASKER
Ok...
Say i have a folder called
Products
Thers are 3 groups in both share and security and 1 user
Nas_Admin (Full access)
Products-SGR (REad access)
Products-SGW (Full access)
Sharath (Full access)
Now what will the changes be.
Why i ask is i could not find any changes being made... :-(
Say i have a folder called
Products
Thers are 3 groups in both share and security and 1 user
Nas_Admin (Full access)
Products-SGR (REad access)
Products-SGW (Full access)
Sharath (Full access)
Now what will the changes be.
Why i ask is i could not find any changes being made... :-(
What does the csv file say?
ASKER
Shows as
Dev-nas01 Â Â Â LE22 Â Â Â Changing permissions for NAS Admin to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Error occurred while Changing NAS Admin share permissions to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Security Group NAS Admin is not FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Changing NAS Admin security to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Error occurred while Changing NAS Admin security to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Changing permissions for NAS Admin to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Error occurred while Changing NAS Admin share permissions to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Security Group NAS Admin is not FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Changing NAS Admin security to FULL access
Dev-nas01 Â Â Â LE22 Â Â Â Error occurred while Changing NAS Admin security to FULL access
Did you change it to the underscore?
Set Admin=NAS_Admin
Set Admin=NAS_Admin
ASKER
Yes i did change.
I pasted the old one.
I get this
Dev-chen-nas01 Â Â Â Â Â STS Â Â Â Â Â Changing permissions for development\NAS_Admin to FULL access
Dev-chen-nas01 Â Â Â Â Â STS Â Â Â Â Â Successfully changed development\NAS_Admin share permissions to FULL access
I cannot find any change as the Nas_admin already has full access. The change that needs to be made is mostly on the other users and groups in share and security permissions
I pasted the old one.
I get this
Dev-chen-nas01 Â Â Â Â Â STS Â Â Â Â Â Changing permissions for development\NAS_Admin to FULL access
Dev-chen-nas01 Â Â Â Â Â STS Â Â Â Â Â Successfully changed development\NAS_Admin share permissions to FULL access
I cannot find any change as the Nas_admin already has full access. The change that needs to be made is mostly on the other users and groups in share and security permissions
It doesn't seem to be picking up the other groups from the share.
Can you post?
RMTSHARE \\Dev-chen-nas01\STS
Can you post?
RMTSHARE \\Dev-chen-nas01\STS
ASKER
I get this
C:\>RMTSHARE \\Dev-chen-nas01\STS-sgw
The command failed: 2310
C:\>RMTSHARE \\Dev-chen-nas01\STS
Share name     \\Dev-chen-nas01\STS
Path        D:\STS
Remark
Maximum users   No limit
Users       0
Permissions:
DEVELOPMENT\STS-SGW Â : Â FULL CONTROL
DEVELOPMENT\Nas_Admin : Â FULL CONTROL
The command completed successfully.
C:\>RMTSHARE \\Dev-chen-nas01\STS-sgw
The command failed: 2310
C:\>RMTSHARE \\Dev-chen-nas01\STS
Share name     \\Dev-chen-nas01\STS
Path        D:\STS
Remark
Maximum users   No limit
Users       0
Permissions:
DEVELOPMENT\STS-SGW Â : Â FULL CONTROL
DEVELOPMENT\Nas_Admin : Â FULL CONTROL
The command completed successfully.
Post C:\Test.txt
SETLOCAL ENABLEDELAYEDEXPANSION
FOR /f "Skip=6 Tokens=1 delims=:" %%b in ('RMTSHARE \\dev-chen-nas01\"STS" ^| FIND /v /i "The command completed successfully."') do (
Set Group=%%b
For /l %%z in (1,1,30) DO if "!Group:~-1!" == " " Set Group=!Group:~0,-1!
For /l %%z in (1,1,30) DO if "!Group:~0,1!" == " " Set Group=!Group:~1!
ECHO "!Group!">>C:\Test.txt
)
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
At its been say 3 + hrs and the script is running i could see these changes for the groups that have full access to be changed as this
Full control is Unchecked
Delete Subfolders and Files is unchecked
Change permissions is unchecked
Take Ownership is unchecked
Is the
Delete Subfolders and Files mandatory
Why i ask is a user may need to delete them...
Full control is Unchecked
Delete Subfolders and Files is unchecked
Change permissions is unchecked
Take Ownership is unchecked
Is the
Delete Subfolders and Files mandatory
Why i ask is a user may need to delete them...
ASKER
At its been say 3 + hrs and the script is running i could see these changes for the groups that have full access to be changed as this
Full control is Unchecked
Delete Subfolders and Files is unchecked
Change permissions is unchecked
Take Ownership is unchecked
Is the
Delete Subfolders and Files mandatory
Why i ask is a user may need to delete them...
Full control is Unchecked
Delete Subfolders and Files is unchecked
Change permissions is unchecked
Take Ownership is unchecked
Is the
Delete Subfolders and Files mandatory
Why i ask is a user may need to delete them...
It's only changing to CHANGE using cacls
cacls "\\%1\!SharePath!" /e /t /p "!Group!":C
cacls "\\%1\!SharePath!" /e /t /p "!Group!":C
ASKER
Will the script change folder permissions and even try inheriting them on all child folders and files?
Even this is unchecked
Delete Subfolders and Files is unchecked
Is this required?
Even this is unchecked
Delete Subfolders and Files is unchecked
Is this required?
ASKER
Will the script change folder permissions and even try inheriting them on all child folders and files?
Even this is unchecked
Delete Subfolders and Files is unchecked
Is this required?
Even this is unchecked
Delete Subfolders and Files is unchecked
Is this required?
Hmm... The normal CHANGE permission has these unchecked.
Full Control
Delete Subfolders and Files
Change Permissions
Take Ownership
Using CACLS you need to /t to make sure the subfolders and files get the change in permissions it does this my explicitly setting the permission to each subfolder or file. Any new file or subfolder it will get it's permission inherited. Unfortunately, I don't think there is a way to get around this using cacls.
Full Control
Delete Subfolders and Files
Change Permissions
Take Ownership
Using CACLS you need to /t to make sure the subfolders and files get the change in permissions it does this my explicitly setting the permission to each subfolder or file. Any new file or subfolder it will get it's permission inherited. Unfortunately, I don't think there is a way to get around this using cacls.
ASKER
AT if this is unchecked
Delete Subfolders and Files
That means no one except the Nas_Admins can delete the files in there?
Delete Subfolders and Files
That means no one except the Nas_Admins can delete the files in there?
They can they have Delete right.
ASKER
Ok then what does this option mean.
Delete Subfolders and Files
Delete Subfolders and Files
ASKER
Thanks a lot AT works perfect... This was an Awesome help....
ASKER