Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

vb scripting - cacls - for domain users

Posted on 2010-08-19
8
Medium Priority
?
631 Views
Last Modified: 2012-05-10
hi experts,

i cant seem to get this script to work with GPO. I have linked the GPO to a specific OU with user account in that OU, and added the attached login script at the User Config. Please help.

we have just migrated our users' profile from the old to the new domain using the "Copy To" option. However, we encountered issues where users have created and saved their documents into their own folders in C drives with their old domain login. After migration, and when they login with their new profile, these folders were not editable due to permissions issues. We could individually assign permissions but a scripted solution would be more elegant
' VBScript ~ addACL.vbs
' Version: 	Draft 1
' Date: 	20 August 2010
'---------------------------------------------------
On Error Resume Next

Dim fso
Dim WshNetwork

Set fso = CreateObject("Scripting.FileSystemObject")
Set WshNetwork = CreateObject("WScript.Network")
 
DomainString = WshNetwork.UserDomain
UserString = WshNetwork.UserName
 
'------------------------------------------------------------
' Add New Domain User to NTFS ACL of D:\UserFolder 
'------------------------------------------------------------
If fso.FolderExists("D:\UserFolder") then
	WshShell.run "cacls D:\UserFolder /G " & DomainString & "\" & UserString & ":F /C /E /T",0,true	
End If

WScript.Quit

Open in new window

0
Comment
Question by:kenny_klbn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 33481476
Hi, a normal user, not already having rights to the folder, whill not be able to change the ACL on those folders.  I think the easiest solution would be to run it as a StartUp script, under Computer Configuration, which would run as the Local System account, and you will need to grant rights to Domain Users instead....
Regards,
Rob.
0
 

Author Comment

by:kenny_klbn
ID: 33481561
hi Rob,
what's the code to include Domain Users or Authenticated Users? Much help appreciated.
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33481635
Hi, it should just be
WshShell.run "cacls D:\UserFolder /G """ & DomainString & "\Domain Users"  & """:F /C /E /T",0,true
Regards,
Rob.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:kenny_klbn
ID: 33481712
hi Rob,

it didnt work. how do i troubleshoot this?
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 2000 total points
ID: 33481719
Is the folder actually called D:\UserFolder?
Is cacls.exe in the System32 folder?  If cacls.exe is not in a folder in the %PATH% environment variable, you will need to specify the full path to the cacls.exe
You could test it by running this from the command line, while logged in as an admin:
cacls D:\UserFolder /G "DomainString\Domain Users":F /C /E /T
and see what the result is.
Also, try this anyway
WshShell.run "cacls D:\UserFolder /G """ & DomainString & "\Domain Users"":F /C /E /T",0,true
Regards,
Rob.
0
 

Author Comment

by:kenny_klbn
ID: 33482254
hi Rob,

thanks. ive added

Dim WshShell
Set WshShell = CreateObject("WScript.Shell")
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33482263
Oh yeah, that wasn't in your original code, I didn't notice.....
Thanks for the grade.   What was the line that ended up working?
Regards,
Rob.
0
 

Author Comment

by:kenny_klbn
ID: 33547937
hi Rob,

fyi,

WshShell.run "cacls D:\UserFolder /G """ & DomainString & "\Domain Users"":F /C /E /T",0,true
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I finished a vbscript that I thought I'd share.  It uses a text file with a list of server names to loop through and get various status reports, then writes them all into an Excel file.  Originally it was put together for our Altiris server…
When it comes to writing scripts for a Client/Server computing environment it is essential to consider some way of enabling the authentication functionality within a script. This sort of consideration mainly comes into the picture when we are dealin…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question