Solved

Set permissions by file name/Inherit Ownership MS Server 2008

Posted on 2012-04-10
6
301 Views
Last Modified: 2012-08-25
Kind of a two part question here. Need to find a way to :

1.) set permissions on folders based on folder name. Scenario - I have hundreds of site based folders, and inside of each one of these folders are four folders, each with the same name

Example

Sites -

   -Site 1
        -Folder A
        -Folder B
        -Folder C
   -Site 2
        -Folder A
        -Folder B
        -Folder C
 and so on.

   I'm trying to find a way to set a permission on every folder under 'sites' named 'Folder A'. I've tried using an XCacl VbScript, but it errors out. Wondering if I am running into ownership issues, as folders are created by different people, which leads to

2) Does anyone know of a way to do a bulk change of folder ownership, so I can set ownership on a parent folder and have all child folders inherit the ownership? I know the chown command works for linux, but havent been able to find anything for MS.
0
Comment
Question by:MRowan75
  • 4
  • 2
6 Comments
 
LVL 10

Expert Comment

by:George Khairallah
Comment Utility
0
 
LVL 10

Expert Comment

by:George Khairallah
Comment Utility
This is a quick script that I usually use to fix permissions on user folders (it's written in Kix, can be easily converted to VB). You would have to modify it to fit your folder structure, but it should put you on the right track.

Break ON
; 
; Change this to the base path where your directory is. so, in this case, the user folders would be here: d:\students\%USERNAME%
Global $BasePath $BasePath = 'D:\Students' 
; Replace this with your NetBIOS domain name. (This is used for domain\user notation) 
Global $Domain $Domain = 'YOUROMDAIN'
;-------------------------------------------------------------------

Dim $fh $fh = FreeFileHandle
$ = Open($fh, @SCRIPTDIR + "\users.txt")

$UserName = ReadLine($fh)
Do
	Trim($UserName)
	Shell '%COMSPEC% /c icacls ' + $BasePath + '\' + $UserName + ' /t /c /l /grant ' + $Domain + '\' + $UserName + ':(OI)(CI)F'
	Shell '%COMSPEC% /c icacls ' + $BasePath + '\' + $UserName + ' /setowner ' + $Domain + '\' + $UserName
	$UserName = ReadLine($fh)
Until @ERROR = -1
$ = Close($fh)

Open in new window

0
 
LVL 1

Author Comment

by:MRowan75
Comment Utility
Thanks. I was able to use icacls to set ownership on all files. Still dealing with the issue of trying to set permissions on all folders named 'settings', as opposed to drilling down to each individual folder. For example,

C:\Sites\Site1\Settings
C:\Sites\Site2\Settings
C:\Sites\Site3\Settings ect.

I have about 700 'site#' folders, and need to edit permissions on every "site#\settings folder". Is there a command or tool that will find all folders named 'settings' within the Sites top level to allow me to do this without manually typing the command 700 times? I'm getting the impression there isn't and I have a long day/week of typing ahead of me...
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 10

Expert Comment

by:George Khairallah
Comment Utility
are the Site# all under C:\Sites?
You just want to be able to go through the folder C:\Sites\SiteX through C:\Sites\SitesY and change the permissions on the "Settings" folder in each of them?
0
 
LVL 1

Author Comment

by:MRowan75
Comment Utility
Yes, that is what I am looking for.
0
 
LVL 10

Accepted Solution

by:
George Khairallah earned 500 total points
Comment Utility
So I'm not exactly sure of what you're looking to do, but I changed the code so that you can iterate through 700 Site folders, and you can then change whatever you need on each of them. You can run the script as is to see what directories will be targeted. (I commented out the icacls part).

BREAK ON
for $i = 1 to 700
;
; Change this to the base path where your directory is. so, in this case, the user folders would be here: d:\students\%USERNAME%
Global $BasePath $BasePath = 'C:\Site' + $i  
; Replace this with your NetBIOS domain name. (This is used for domain\user notation)
Global $Domain $Domain = 'YOUROMDAIN'
;-------------------------------------------------------------------

;Dim $fh $fh = FreeFileHandle
;$ = Open($fh, @SCRIPTDIR + "\users.txt")
;$UserName = ReadLine($fh)
    ? "DEBUG: Processing: " + $BasePath + '\Settings'
    Trim($UserName)
    ;Shell '%COMSPEC% /c icacls ' + $BasePath + '\Settings' + ' /t /c /l /grant ' + $Domain + '\' + $UserName + ':(OI)(CI)F'
    ;Shell '%COMSPEC% /c icacls ' + $BasePath + '\' + $UserName + ' /setowner ' + $Domain + '\' + $UserName
    $UserName = ReadLine($fh)
;$ = Close($fh)
Next 

Open in new window

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time. I read a number of guides concerning it…
Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now