Provide full access to 1 user to Everyone's HOME drive
Path for home drive
\\servername\share$\usersh
So when user "John" logs in the home drive folder would be
\\servername\share$\usersh
"John" folder gets created with no inheritance from parent permission. It gives just John and administrators permission to the folder.
I want to give user "Sam"(who is not in administrative group ) full permission to all folders under usershare folders(Which would be home folder to all other users).
I don't want to do it manually because it will take just too long to go through each folders.
Is there a quick way to doing it? Through Any Group policy?
Who is Participating?
Experts Exchange Solution brought to you by
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
For me, the easiest is just a quick command line with cacls.exe.
So, lets say your directory structure looks like this:
\\server\share\user1
\\server\share\user2
\\server\share\user3
Then with your administrator account (since it looks like you have already set the policy to add administrators to the home directory), you would just use this:
pushd \\server\share
for /d %f in (*) do cacls "%f" /e /t /g john:c
I tend to avoid giving users Full Control of this type of situation,, generally the Modify/Change permission (the c in the command above - /g john:c). This of course will let them add/delete/modify all the files. It just does not give them the ability to take ownership or change permissions on existing files.
An icacls example:
pushd \\server\share
for /d %f in (*) do icacls "%f" /grant john:m /t /c
Coralon
Experts Exchange Solution brought to you by
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialAdd Creator Owner to the root.
Give the admins the required permissions and same for Creator Owner. Allow these permissions to propagate down the tree.
Moving forward when a user logs in for the first time the folder will be created. They are the creator owner so permissions will all be right. In addition any new admins can be added to the admins group.
As for the existing folders you will need to change the OWNER of each folder to point to the user. This can be done with a script using icacls.exe
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
While this is technically possible, I think you should create a top level share on the root of the server and give all required users the necessary permissions and security, then have your users store files and folders that are to be shared in that share.