Solved

How do you remove all folder and file permissions?

Posted on 2016-10-27
11
103 Views
Last Modified: 2016-11-01
My assistant made a lot of permissions changes and now there are certain files that he is the only one listed in the security setting.   I want to remove the permissions from every folder, every file and then apply new ones.  How?
0
Comment
Question by:J.R. Sitman
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 6

Expert Comment

by:jorge diaz
ID: 41863314
log in to the server as admin, find the folders you want to modify permissions to, right click\properties\security add-remove users. make sure you leave the domain admin group or whichever group you are a member with full access, that takes care of the ntfs permissions. similar process but select Select advanced sharing instead of Security to take care of the share permissions.
0
 

Author Comment

by:J.R. Sitman
ID: 41863317
just tried your suggestion.  See attached

security.png
0
 
LVL 6

Assisted Solution

by:jorge diaz
jorge diaz earned 250 total points
ID: 41863322
i guess the other person has ownership of the file. when you go to security, select Advanced,  you'll see the owner listed on top, change it to your account or a group you're a member of, select the option to replace on sub-containers or subfolders, click on, and try again.
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863338
Yes, you will need to take onwership ofthe directory objects & items below using the DOMAIN\Administrator or local server administrators group member, after that do the permission removal once again.
0
 

Author Comment

by:J.R. Sitman
ID: 41863351
I replaced the owner with my user name that didn't work.  Then with Administrator, that didn't work.  My assistant is still showing as the only person in the security settings.  Wouldn't moving the folder to another server, remove all the permissions?

security2.png
0
 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863375
jrsitman,

No, NTFS will still retain its permission eventhough you attached the drive to another server.
0
 
LVL 7

Accepted Solution

by:
Senior IT System Engineer earned 250 total points
ID: 41863380
One thing that you can try to do is to copy it across to different server and then remove the file permission as it is copying which can be done using

Robocopy:

robocopy \\SOURCE\Share  \\TARGET\Share /COPY:DAT /E /V /log:robocopyjob.txt /R:1 /W:1 /ZB

Open in new window


Or this GUI tool: https://blogs.technet.microsoft.com/keithcombs/2009/03/22/richcopy-bulk-file-copy-tool-released-get-it-here/
0
 

Author Comment

by:J.R. Sitman
ID: 41863996
Rich Copy seems to be working.  I'm still testing.   Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 

Author Comment

by:J.R. Sitman
ID: 41864254
did you see my question?

Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41864621
powershell
$output = @()
$searchuser = "NT AUTHORITY\SYSTEM"
$path = 'c:\temp'
$files = get-childitem $path -recurse
 foreach ($file in $files){
    
    $nacls =   get-acl $file.fullname
    if ($nacls.owner -eq $searchuser)
        {
        $object = New-Object -TypeName PSObject
        #$object | Add-Member -MemberType NoteProperty -Name Owner -Value $nacls.Owner
        $object | Add-Member -MemberType NoteProperty -Name Path -Value $nacls.Path
        $output += $object
        }
}
Write-Output ("Path Searched: {0}   Search User: {1}" -f $path, $searchuser)
$output | Split-Path -Leaf

Open in new window

1
 

Author Closing Comment

by:J.R. Sitman
ID: 41868832
Rich Copy was the best option.   Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question