I have a Windows 2003 server that has got its share permissions and security settings well and truly messed up as the result of a migration from an old server 2000 box that had corrupt shares and security. The server local admin account has got corrupt special permissions that seem to be a major factor in the problems
What I need to do is to :
1. Remove all permissions and security for all folders, shares and files on the data partition.
2. Recreate default administrative access (administraor, domain admin etc) to all folders, files and shares
3. add security for any top level security groups and re-establish & apply inheritance at the appropriate point in the directory structure (eg admin team for admin folder area)
4. interrogate AD for each user account and capture the user home profile folder location
5. using the above (4) add specific default user rights (create / modify / delete) to each user's respective home folder (and any sub directories)
End result should be that admin accounts have full access / control to everything, security group permissions are inherited down the tree coreectly, users only have access to their specific home folder ( and profile folder if applicable )
I've been looking at vbs to so this but would really appreciate some support with putting a script together. If someone has already written a script to do this - even better !