Solved

Folder Permissions

Posted on 2014-11-10
6
146 Views
Last Modified: 2015-05-05
One of our clients IT Managers would like to have full access to ALL of their company data.

Within their company data there are 3 directories - Shared Data/Profiles/Users.

Is there any way to add a blanket full access permission to every file and folder within their data? A lot of these folders don't inherit permissions so its all a bit messy really.

This is possible for Shared data, but due to ACL within profiles and users we are unable to add this permission.

We have tried XCACLS with no luck, is there an alternative program that can facilitate this request?
0
Comment
Question by:H_C_S
6 Comments
 
LVL 24

Expert Comment

by:Lionel MM
ID: 40434002
Only success I have had is to take ownership for that user then add the required permissions with calc or xcalc or through the GUI and then give ownership back to the original owner. But as you say it can get messy and I have found that sometimes it is simply better to move or copy the data to a new root folder with the appropriate permissions.
0
 
LVL 23

Accepted Solution

by:
Thomas Grassi earned 500 total points
ID: 40434092
Set up a group add the user to that group

Give the group full permissions   Ntfs and share permissions
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 40434331
You could use Powershell for that. Something like this (untested):

gci "X:\your\folder" - Recurse| % {
  $acl = get-acl $_.fullname
  $newRule = New-Object System.Security.AccessControl.FileSystemAccessRule("username", "FullControl", "Allow")
  $acl.AddAccessRule($newRule)
  set-acl $_.fullname $acl
}

Open in new window

Replace "X:\your\folder" with the actual folder path and "username" with your IT manager's name.

HTH,
Dan
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:H_C_S
ID: 40434765
Issue is there are so many profiles etc taking ownership will be messy as there is a lot to break.

You mentioned a GUI, have tried a few XCACLS gui tools with no success. I think we may need to logon to data server as local admin and run rather than domain admin. Group wont work - will only apply permissions one level down and there is a lot that is not inherited.

Thanks very much Dan, that seems like the best option although we'd like something with a GUI as we're getting more requests like this from different clients.

I have attached a screenshot of what were dealing with here
EEHelp.jpg
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 40434810
You can hire someone to make you a nice frontend for the powershell script. Basically all the GUI tools in Windows 7+ are frontends to powershell scripts.
0
 
LVL 24

Expert Comment

by:Lionel MM
ID: 40435615
I suggest you write down exactly what you want the end results on each root folder to be as well as the underlying folders. There is no way, either via script or with GUI that you can do what you are asking with "affecting" the folders in question so I suggest we move the focus from what you have now and trying to add a fix to providing us with the required results so we can write a script to go through all the files and folders and give them the permissions you require--this can be done by you providing csv list of folders, users & their required permissions example
c:\users\bob, bob, full control
and so on
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now