Solved

Useing a Batch file to set user folder permissions

Posted on 2009-04-06
7
1,657 Views
Last Modified: 2013-11-25
I am trying to create a batch file that will read a .txt file that lists usernames on each line in the file and create a folder for each username in the file.  This part appears to be working correctly.  I am having a fit out of gettng the appropriate permissions set on each folder.  Each folder should have the following permissions:
%domiain%\%Username%:F %domain%\Administrators:F %domain%\Teachers:F

Here is my batch file:
________________________________
Set ShareFolder=D:\Usertestfolder\2012
Set Domain=SEMS
for /f %%a in (test.txt) do call :process "%%a"
goto :eof
 
:process
set folder=%~1
set fullpath=%ShareFolder%\%Folder%
md "%fullpath%"
echo y|cacls "%fullpath%" /t /c /g %domain%\%folder%:F %domain%\Administrator:F SYSTEM:F %domain%Teachers:F
pause
________________________

Here are my results:
________________________

C:\Documents and Settings\Admin\Desktop>Set ShareFolder=D:\Usertestfolder\2012

C:\Documents and Settings\Admin\Desktop>Set Domain=SEMS

C:\Documents and Settings\Admin\Desktop>for /F %a in (test.txt) do call :process
 "%a"

C:\Documents and Settings\Admin\Desktop>call :process "AAA_Student"

C:\Documents and Settings\Admin\Desktop>set folder=AAA_Student

C:\Documents and Settings\Admin\Desktop>set fullpath=D:\Usertestfolder\2012\AAA_
Student

C:\Documents and Settings\Admin\Desktop>md "D:\Usertestfolder\2012\AAA_Student"

A subdirectory or file D:\Usertestfolder\2012\AAA_Student already exists.

C:\Documents and Settings\Admin\Desktop>echo y  | cacls "D:\Usertestfolder\2012\
AAA_Student" /t /c /g SEMS\AAA_Student:F SEMS\Administrator:F SYSTEM:F SEMSTeach
ers:F
No mapping between account names and security IDs was done.

C:\Documents and Settings\Admin\Desktop>pause
Press any key to continue . . .
_____________________________

Any Help would be greatly appreciated.  BTW this is on Server 2003 OS
0
Comment
Question by:jring_3770
  • 4
  • 3
7 Comments
 
LVL 3

Expert Comment

by:Popeyediceclay
Comment Utility
Change "%domain%Teachers:F" to be "%domain%\Teachers:F"
0
 

Author Comment

by:jring_3770
Comment Utility
Thanks for the quick response.
I have changed "%domain%Teachers:F" to be "%domain%\Teachers:F" and I am still getting the same result.   The folders are being created however they still inherit prmissions from the parent folder instead of recieveing the permissions set by the batch file.
0
 
LVL 3

Expert Comment

by:Popeyediceclay
Comment Utility
Are you still getting the "No mapping between account names and security IDs was done." message or just not working?

If you're still getting the message it should mean that the user doesn't exist in the domain.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:jring_3770
Comment Utility
I am still getting "No mapping between account names and security IDs was done."  message.  i have created a .txt file that contains 3 usernames copy & pasted directy from AD.  I would prefer this batch file would gather the usernames from  an OU in AD and created the folders for each user and set the permissions %domiain%\%Username%:F %domain%\Administrators:F %domain%\Teachers:F
However I am unsure as to if this is possible.
0
 
LVL 3

Accepted Solution

by:
Popeyediceclay earned 500 total points
Comment Utility
To get the names from an OU in the AD you should use vbscript, you can use it like a batch file.

I assumed the DNS name of the domain was sems.com?  Might need to change this line:
strDomain  = "DC=sems,DC=com"

If this has issues just uncomment the MsgBox lines to help debug, copy and paste this into a text file, call it "CreateUserFolders.vbs", might also require additional editing:


'''Variables to set

strRootDir = "D:\Usertestfolder\2012"

strOrgUnit = "OU=Users"  'To add a sub OU just add "OU=<NAME>," in front, like - "OU=<NAME>,OU=Users"

strDomain  = "DC=sems,DC=com"

strNETBIOSDomain = "SEMS"
 

Set objShell = CreateObject("Wscript.Shell")

Set objFSO = CreateObject("Scripting.FileSystemObject")
 

'''Get all users in the OU

'MsgBox "Org Unit set to - " & "LDAP://" & strOrgUnit & "," & strDomain

Set objOU = GetObject("LDAP://" & strOrgUnit & "," & strDomain)

objOU.Filter = Array("user")
 

For Each objChild In objOU
 

        'MsgBox "User set to - " & "LDAP://" & objChild.Name & "," & strOrgUnit & "," & strDomain

        Set objUser = GetObject("LDAP://" & objChild.Name & "," & strOrgUnit & "," & strDomain)
 

        '''Get the log on username and the Full Name

        strAccount = objUser.Get("sAMAccountName")

        strFullName = Right(objChild.Name, Len(objChild.Name) - 3)
 

        '''Set the target folder name by using the log on name OR the persons First and Last name, uncomment to choose:

        '''Account Name:

        strFolderName = strRootDir & strAccount

        '''Full Name:

        'strFolderName = strRootDir & strFullName
 

        '''Create the user folder if it doesn't exist

        On Error Resume Next

        If Not objFSO.GetFolder(strFolderName) Then

                On Error GoTo 0

                objFSO.CreateFolder(strFolderName)

        End If

        On Error GoTo 0
 

        '''Assign permissions

        If objFSO.FolderExists(strFolderName) Then

                ' Assign user permissions to home folder.

                strCommand = "%COMSPEC% /c Echo Y| cacls " & Chr(34) & strFolderName & Chr(34) & " /t /c /g " & _

                        '''Users and Groups to add:

                        Chr(34) & strNETBIOSDomain & "\" & "Administrator" & Chr(34) & ":F " & _

                        Chr(34) & strNETBIOSDomain & "\" & "Teachers" & Chr(34) & ":F " & _

                        Chr(34) & strNETBIOSDomain & "\" & strAccount & Chr(34) & ":F " & _

                        ""

                intRunError = objShell.Run(strCommand, 2, True)

                If intRunError <> 0 Then

                        MsgBox "Error assigning permissions for user " _

                        & strNETBIOSDomain & "\" & strAccount & " to home folder " & strFolderName

                        MsgBox strCommand

                End If

        Else

                MsgBox "Folder does not exist: " & strHomeFolder

        End If
 

Next
 

MsgBox "Complete"

Open in new window

0
 

Author Comment

by:jring_3770
Comment Utility
Thanks Popeyediceclay I'll try this and let you know how it goes.
0
 

Author Closing Comment

by:jring_3770
Comment Utility
You Are The MAN!!!  That works great!  Thanks ever so much!  You just saved me a ton of work.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

If you are using Scrum Framework or another agile process, a retrospective may be part of it. Does your team perform retrospectives? Are you getting value from your retrospectives? I see a common anti-pattern when people conduct a retrospective f…
In Agile (http://en.wikipedia.org/wiki/Agile_software_development), time and again people ask this question "How would you estimate a release for a product?". When it comes from management they want to know the following: Calculate the man hours wh…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now