Solved

Can't access some folders and files within network share folder

Posted on 2014-01-29
6
565 Views
Last Modified: 2014-01-31
Hello all,

I ran into a problem today.  Our server has a file share that has completely taken a dump.  One of our admins accidentally removed the "everyone" group from the C:\data\shared directory.  I have been working on it for hours now.  

My problem is that several database files reside on the share as do all the user folders.  I can access most of the folders and files but many of them are asking me to take ownership.  I'm worried specifically about the database files as I don't know if having the administrator take ownership will affect them, but also many user files are now inaccessible to me or anyone.  I think what happened was that ownership of the files and folders was erased when the everyone group was deleted.

Are there are any tools out there that will help repair this colossal screw-up?  Or does anyone have any ideas on how to best rebuild the shares and re-grant access?

Thanks
0
Comment
Question by:Sapeur
  • 3
  • 2
6 Comments
 

Author Comment

by:Sapeur
ID: 39819068
P.S. Or would the easiest thing to do be restore the backups from last night?  would that replace the original permissions?  I am using windows native backup from the tools menu on server 2012
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
ID: 39819191
yes a backup will restore permissions. That admin should have their knuckles rapped.
0
 
LVL 9

Assisted Solution

by:tsaico
tsaico earned 250 total points
ID: 39819260
the back up should restore the rights, but the everyone group generally shouldn't be used in a domain.  Authenticated users is a better group if you just want blanket read/write for anyone who has a domain account.  

As for taking ownership, you can safely do so, then after have owner ship go back and reset the parent folder rights to what you need to and be sure you "reapply to all child" flag is ticked.  It sounds to me, the Everyone had the rights for Full Control.  Now that group is gone, you no longer have rights to change the rights, so it wants you to take ownership.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Closing Comment

by:Sapeur
ID: 39824262
Thank you both.  You were very helpful. The back up restored the ACL on the directory from the previous day's backup.  There were several folders and files created that day that I needed to take ownership of in order to get the user access to them.

P.S.  The Jr. Admin that thought he was deleting an un-needed "employee" group but clicked "everyone" instead, now has only read access to the entire directory, I created a group called "idiots and morons" and ticked deny on everything but read.  I'll leave him in it for a few days as punishment LOL!
0
 
LVL 9

Expert Comment

by:tsaico
ID: 39824487
Poor guy...

Though, as a side note, many schools and security boot camps taught not to use the everyone group.  While the everyone group lost the anonymous and guest logins, it still has the non-user system accounts in it and shouldn't be used unless for a specific reasons to keep your risk exposure as small as possible.

This guy explains better then me...

http://blog.varonis.com/the-difference-between-everyone-and-authenticated-users/
0
 

Author Comment

by:Sapeur
ID: 39824773
Great article thanks!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question