DerekFG
asked on
Easy way to set folder permissions on new folders
Looking for an easy way to change permissions on folders that are created daily.
Our Secretary's will create folders, always named Final, on a certain shared drive. This shared drive is housed on Server 2012.
I'm not kept up to date on when they are created, as we have many offices all accessing this drive.
Just looking for an easier way to automatically do this, or run a script that will do this for me. I need to give access only to a certain AD group, and remove access from the default group that is pulled by hierarchy.
Folder structure is as follows:
Main Drive
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
Our Secretary's will create folders, always named Final, on a certain shared drive. This shared drive is housed on Server 2012.
I'm not kept up to date on when they are created, as we have many offices all accessing this drive.
Just looking for an easier way to automatically do this, or run a script that will do this for me. I need to give access only to a certain AD group, and remove access from the default group that is pulled by hierarchy.
Folder structure is as follows:
Main Drive
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
- Client
-Client Folders
-Final
What about putting a top level root folder between the Main Drive and all the Client Folders, that has all the permissions you need for that group (removing any other groups that don't need to be there) and turn Inheritable Permissions on so the permissions propagate to all subfolders and files?
You can create a group and add the member in the group and assign the permission to the group so that it will easy to manage user and security permission on the folder.
Please refer below link to set the folder permission on the server.
http://windows.microsoft.com/en-in/windows/file-sharing-essentials#1TC=windows-7
https://blogs.technet.com/b/keithmayer/archive/2012/10/21/ntfs-shared-folders-a-whole-lot-easier-in-windows-server-2012.aspx
http://www.techrepublic.com/blog/data-center/how-to-share-a-folder-in-windows-server-2012/
http://social.technet.microsoft.com/Forums/en-US/815ce790-529f-4223-804d-374bfcac91c3/script-to-automate-change-of-folder-permissions-and-ownership-based-on-the-name-of-the-folder?forum=ITCG
Please refer below link to set the folder permission on the server.
http://windows.microsoft.com/en-in/windows/file-sharing-essentials#1TC=windows-7
https://blogs.technet.com/b/keithmayer/archive/2012/10/21/ntfs-shared-folders-a-whole-lot-easier-in-windows-server-2012.aspx
http://www.techrepublic.com/blog/data-center/how-to-share-a-folder-in-windows-server-2012/
http://social.technet.microsoft.com/Forums/en-US/815ce790-529f-4223-804d-374bfcac91c3/script-to-automate-change-of-folder-permissions-and-ownership-based-on-the-name-of-the-folder?forum=ITCG
So, you mean to say that "Final" folder needs to be get created automatically underneath Client Folders ?
Unable to understand your requirement ?
Can you please elaborate ?
Unable to understand your requirement ?
Can you please elaborate ?
ASKER
I know how to set them manually.
No, I do not need the folders created automatically, I need a script that will set permissions on any folder named exactly 'Final' under a certain drive.
The secretaries create the final folders and put the final copies of jobs in them. Prior, these job folders are open to most everyone, but the Final folder I need to be locked down to only secretaries so no one accidentally deletes, moves or edits those documents.
No, I do not need the folders created automatically, I need a script that will set permissions on any folder named exactly 'Final' under a certain drive.
The secretaries create the final folders and put the final copies of jobs in them. Prior, these job folders are open to most everyone, but the Final folder I need to be locked down to only secretaries so no one accidentally deletes, moves or edits those documents.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We use Shadow Copy, as well as Veeam backups, so no worries really about losing data, just rather prevent the need.
Unfortunately I cannot change the location of the folders. We are talking about thousands of job folders. Believe me, when they initially wanted to set it up this way I warned them it was wrong, and they should have just created a different directory named Final, then put each client name under that and the documents there.
I'll look into the File Watcher Utility, as long as it can monitor and set only to exact name it should work fine. There are other folders with the word final in them, but they are things such as 'final bid' 'final screening' etc... I've made sure that they know at least to only name the completed directory 'Final' exactly.
Unfortunately I cannot change the location of the folders. We are talking about thousands of job folders. Believe me, when they initially wanted to set it up this way I warned them it was wrong, and they should have just created a different directory named Final, then put each client name under that and the documents there.
I'll look into the File Watcher Utility, as long as it can monitor and set only to exact name it should work fine. There are other folders with the word final in them, but they are things such as 'final bid' 'final screening' etc... I've made sure that they know at least to only name the completed directory 'Final' exactly.
OK
1st you need to ensure that authenticated users have change share permissions on root shared folder in the hierarchy
Then you can control rest of the permissions with NTFS
If there are other folders also residing with Final folder, then you must remove all inheritable permissions from Final Folder and must grant secretaries modify NTFS permissions on that folder
You may try it with MS tool Subinacl or you can do it manually on need basis
Mahesh
1st you need to ensure that authenticated users have change share permissions on root shared folder in the hierarchy
Then you can control rest of the permissions with NTFS
If there are other folders also residing with Final folder, then you must remove all inheritable permissions from Final Folder and must grant secretaries modify NTFS permissions on that folder
You may try it with MS tool Subinacl or you can do it manually on need basis
Mahesh
You were pretty clear in your requirements above that you needed "exactly" the string "Final". That's why I referred you to this tool. You can specify a regular expression, so you can be as specific or generic as you like.
ASKER
Option 3 was the way to go for us.