Link to home
Start Free TrialLog in
Avatar of serverops
serverops

asked on

Adding additional ntfs Permissions onto all folders (and subfolders) even if inheritabled permissions are off

Hello,
i do have a file server here in the company wich growed over the last years worse and worse.
I found out that there are a lot of files/folders where also the admin  do not have access rights to. We need to delegate the rights to change the permissions to the helpdesk wich is for shure not admin onto the file server itself.
Now i do need to find a power shell command or a vb script (xcacls) or something like that, which is allowing me to ADD ADDITIONAL rights for a group or a user to all folders i do have onto a Volume or share or path .. whatever. The result shud be that the actually rights are not changed, just added with another modify rights to the specified usergroup.
The trick is it should be also working for such folders where the inheritable permission is set to off ..
Anyone can help me please ?
Many thanks in advance  ..
ASKER CERTIFIED SOLUTION
Avatar of SStory
SStory
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of serverops
serverops

ASKER

Thanks a lot so far .. the command is fine so far, but my problem is that the ntfs permissions are so messed up that even me as an local admin do not have the access rights therefore i do get the Access id denied message running the command..

also the cacls is just doing one folder and his subfolder . . but does not add the permissions onto the 3rd or 4th subfolder as wished when the inheritance is broken . .
Well, if using the GUI you go into the advanced section, see who the owner is. you may have to take over. Make sure Admin is added and it is set to do so for all subfolders.
The Problem there is that even when i took the ownership he did not save it . .  strange . . what i did now is used xcacls.vbs (edited the supported version and added 6.1 for windows server 2008 r2) and run it with the following command:
xacls.vbs "datasource" /E /T /G "usernametoadd":F
after that i could see the owenership again (local admin) now trying to sort out different error messages from the command line like: Permissions denied and Path not found
Sorry..I've been on vacation.... Glad it looks like you have solved the problem.