Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Folder Permissions

Posted on 2014-11-10
6
Medium Priority
?
174 Views
Last Modified: 2015-05-05
One of our clients IT Managers would like to have full access to ALL of their company data.

Within their company data there are 3 directories - Shared Data/Profiles/Users.

Is there any way to add a blanket full access permission to every file and folder within their data? A lot of these folders don't inherit permissions so its all a bit messy really.

This is possible for Shared data, but due to ACL within profiles and users we are unable to add this permission.

We have tried XCACLS with no luck, is there an alternative program that can facilitate this request?
0
Comment
Question by:H_C_S
6 Comments
 
LVL 26

Expert Comment

by:Lionel MM
ID: 40434002
Only success I have had is to take ownership for that user then add the required permissions with calc or xcalc or through the GUI and then give ownership back to the original owner. But as you say it can get messy and I have found that sometimes it is simply better to move or copy the data to a new root folder with the appropriate permissions.
0
 
LVL 23

Accepted Solution

by:
Thomas Grassi earned 2000 total points
ID: 40434092
Set up a group add the user to that group

Give the group full permissions   Ntfs and share permissions
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 40434331
You could use Powershell for that. Something like this (untested):

gci "X:\your\folder" - Recurse| % {
  $acl = get-acl $_.fullname
  $newRule = New-Object System.Security.AccessControl.FileSystemAccessRule("username", "FullControl", "Allow")
  $acl.AddAccessRule($newRule)
  set-acl $_.fullname $acl
}

Open in new window

Replace "X:\your\folder" with the actual folder path and "username" with your IT manager's name.

HTH,
Dan
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 

Author Comment

by:H_C_S
ID: 40434765
Issue is there are so many profiles etc taking ownership will be messy as there is a lot to break.

You mentioned a GUI, have tried a few XCACLS gui tools with no success. I think we may need to logon to data server as local admin and run rather than domain admin. Group wont work - will only apply permissions one level down and there is a lot that is not inherited.

Thanks very much Dan, that seems like the best option although we'd like something with a GUI as we're getting more requests like this from different clients.

I have attached a screenshot of what were dealing with here
EEHelp.jpg
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 40434810
You can hire someone to make you a nice frontend for the powershell script. Basically all the GUI tools in Windows 7+ are frontends to powershell scripts.
0
 
LVL 26

Expert Comment

by:Lionel MM
ID: 40435615
I suggest you write down exactly what you want the end results on each root folder to be as well as the underlying folders. There is no way, either via script or with GUI that you can do what you are asking with "affecting" the folders in question so I suggest we move the focus from what you have now and trying to add a fix to providing us with the required results so we can write a script to go through all the files and folders and give them the permissions you require--this can be done by you providing csv list of folders, users & their required permissions example
c:\users\bob, bob, full control
and so on
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question