Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!
a command promt tool to modify permission on large number of folders using variables and batch file
This is windows 2003 file share server ; hosting the personal folder for all users. need to clean up the permission on all users using a command prompt to save time ; so NTFS permission is full control for domainadmins and modify for the %username% on their folders and subfolders
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
see this question which can be adapted to what you need using the icacls and takeown command line tools http://www.experts-exchange.com/questions/28711330/delete-user-account-and-associated-redirect-folders.html#a40967181
> ...modify for the %username% on their folders and subfolders
What does the share folders look like? Is each folder named after the user? e.g.
If so, make a .bat file of this and try it on a test folder:
What does the share folders look like? Is each folder named after the user? e.g.
\\share\users\user1
\\share\users\user2
\\share\users\user3
...
If so, make a .bat file of this and try it on a test folder:
@echo off
SETLOCAL ENABLEDELAYEDEXPANSION
REM Give user Modify right to their user folder.
REM User folder has same name as user
REM - IMPORTANT: Do on a test folder first!
REM - IMPORTANT: Running this code now then at a later time, e.g. a few weeks or months later
REM may affect existing permissions. As always, USE WITH CARE.
REM - Change these variables to your needs: RootDir, DomName
REM - Makes a log file in your TEMP folder
set RootDir=d:\share\users
set DomName=domainname
set fnlog=%temp%\%~n0.log
>> "%fnlog%" echo %date% %time% BEGIN
if not exist "%RootDir%" (>> "%fnlog%" echo %date% %time% Missing %RootDir%& pause& goto :end)
pushd "%RootDir%"
REM - Disable inheritance and copy the existing ACEs
echo.
echo *** Disable inheritance and copy the existing ACEs
icacls "%RootDir%" /inheritance:d
if %errorlevel% neq 0 >> "%fnlog%" echo %date% %time% Error icacls "%RootDir%" Disable inheritance and copy the existing ACEs
REM - Remove users, including sub-folders. Else they would still be able to read...
echo.
echo *** Remove users, including sub-folders. Else they would still be able to read...
icacls "%RootDir%" /remove:g "Authenticated Users" /remove:g "domain users" /t /q
if %errorlevel% neq 0 >> "%fnlog%" echo %date% %time% Error icacls "%RootDir%" Remove users, including sub-folders
for /d %%a in (*) do (
REM pushd %%a
echo ------- "%%~fa"
REM - Grant modify rights to Subfolders and files only
echo.
echo *** Grant modify rights to Subfolders and files only
>> "%fnlog%" echo "%%~fa" "%DomName%\%%~na" Grant modify rights to Subfolders and files
icacls "%%~fa" /grant "%DomName%\%%~na":^(OI^)^(CI^)M /q
if %errorlevel% neq 0 >> "%fnlog%" echo %date% %time% Error icacls "%%~fa" "%DomName%\%%~na" Grant modify rights to Subfolders and files
REM popd
)
:end
>> "%fnlog%" echo %date% %time% END
popd
I was able to do that in 2 lines
cacls (foldername) /e /T /p SYSTEM:f (will grant system full control over username folder)
icacls (foldername) /grant:r e-academy\username:(OI)(CI
username and foldername have the same name
I did not test the solutions above , but will give points to each equally
cacls (foldername) /e /T /p SYSTEM:f (will grant system full control over username folder)
icacls (foldername) /grant:r e-academy\username:(OI)(CI
username and foldername have the same name
I did not test the solutions above , but will give points to each equally
Premium Content
You need an Expert Office subscription to comment.Start Free Trial