Solved

How do you remove all folder and file permissions?

Posted on 2016-10-27
11
73 Views
Last Modified: 2016-11-01
My assistant made a lot of permissions changes and now there are certain files that he is the only one listed in the security setting.   I want to remove the permissions from every folder, every file and then apply new ones.  How?
0
Comment
Question by:jrsitman
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 6

Expert Comment

by:jorge diaz
ID: 41863314
log in to the server as admin, find the folders you want to modify permissions to, right click\properties\security add-remove users. make sure you leave the domain admin group or whichever group you are a member with full access, that takes care of the ntfs permissions. similar process but select Select advanced sharing instead of Security to take care of the share permissions.
0
 

Author Comment

by:jrsitman
ID: 41863317
just tried your suggestion.  See attached

security.png
0
 
LVL 6

Assisted Solution

by:jorge diaz
jorge diaz earned 250 total points
ID: 41863322
i guess the other person has ownership of the file. when you go to security, select Advanced,  you'll see the owner listed on top, change it to your account or a group you're a member of, select the option to replace on sub-containers or subfolders, click on, and try again.
0
 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863338
Yes, you will need to take onwership ofthe directory objects & items below using the DOMAIN\Administrator or local server administrators group member, after that do the permission removal once again.
0
 

Author Comment

by:jrsitman
ID: 41863351
I replaced the owner with my user name that didn't work.  Then with Administrator, that didn't work.  My assistant is still showing as the only person in the security settings.  Wouldn't moving the folder to another server, remove all the permissions?

security2.png
0
 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863375
jrsitman,

No, NTFS will still retain its permission eventhough you attached the drive to another server.
0
 
LVL 7

Accepted Solution

by:
Senior IT System Engineer earned 250 total points
ID: 41863380
One thing that you can try to do is to copy it across to different server and then remove the file permission as it is copying which can be done using

Robocopy:

robocopy \\SOURCE\Share  \\TARGET\Share /COPY:DAT /E /V /log:robocopyjob.txt /R:1 /W:1 /ZB

Open in new window


Or this GUI tool: https://blogs.technet.microsoft.com/keithcombs/2009/03/22/richcopy-bulk-file-copy-tool-released-get-it-here/
0
 

Author Comment

by:jrsitman
ID: 41863996
Rich Copy seems to be working.  I'm still testing.   Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 

Author Comment

by:jrsitman
ID: 41864254
did you see my question?

Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 41864621
powershell
$output = @()
$searchuser = "NT AUTHORITY\SYSTEM"
$path = 'c:\temp'
$files = get-childitem $path -recurse
 foreach ($file in $files){
    
    $nacls =   get-acl $file.fullname
    if ($nacls.owner -eq $searchuser)
        {
        $object = New-Object -TypeName PSObject
        #$object | Add-Member -MemberType NoteProperty -Name Owner -Value $nacls.Owner
        $object | Add-Member -MemberType NoteProperty -Name Path -Value $nacls.Path
        $output += $object
        }
}
Write-Output ("Path Searched: {0}   Search User: {1}" -f $path, $searchuser)
$output | Split-Path -Leaf

Open in new window

1
 

Author Closing Comment

by:jrsitman
ID: 41868832
Rich Copy was the best option.   Thanks
0

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now