Solved

How do you remove all folder and file permissions?

Posted on 2016-10-27
11
109 Views
Last Modified: 2016-11-01
My assistant made a lot of permissions changes and now there are certain files that he is the only one listed in the security setting.   I want to remove the permissions from every folder, every file and then apply new ones.  How?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 6

Expert Comment

by:jorge diaz
ID: 41863314
log in to the server as admin, find the folders you want to modify permissions to, right click\properties\security add-remove users. make sure you leave the domain admin group or whichever group you are a member with full access, that takes care of the ntfs permissions. similar process but select Select advanced sharing instead of Security to take care of the share permissions.
0
 

Author Comment

by:J.R. Sitman
ID: 41863317
just tried your suggestion.  See attached

security.png
0
 
LVL 6

Assisted Solution

by:jorge diaz
jorge diaz earned 250 total points
ID: 41863322
i guess the other person has ownership of the file. when you go to security, select Advanced,  you'll see the owner listed on top, change it to your account or a group you're a member of, select the option to replace on sub-containers or subfolders, click on, and try again.
0
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

 
LVL 8

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863338
Yes, you will need to take onwership ofthe directory objects & items below using the DOMAIN\Administrator or local server administrators group member, after that do the permission removal once again.
0
 

Author Comment

by:J.R. Sitman
ID: 41863351
I replaced the owner with my user name that didn't work.  Then with Administrator, that didn't work.  My assistant is still showing as the only person in the security settings.  Wouldn't moving the folder to another server, remove all the permissions?

security2.png
0
 
LVL 8

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863375
jrsitman,

No, NTFS will still retain its permission eventhough you attached the drive to another server.
0
 
LVL 8

Accepted Solution

by:
Senior IT System Engineer earned 250 total points
ID: 41863380
One thing that you can try to do is to copy it across to different server and then remove the file permission as it is copying which can be done using

Robocopy:

robocopy \\SOURCE\Share  \\TARGET\Share /COPY:DAT /E /V /log:robocopyjob.txt /R:1 /W:1 /ZB

Open in new window


Or this GUI tool: https://blogs.technet.microsoft.com/keithcombs/2009/03/22/richcopy-bulk-file-copy-tool-released-get-it-here/
0
 

Author Comment

by:J.R. Sitman
ID: 41863996
Rich Copy seems to be working.  I'm still testing.   Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 

Author Comment

by:J.R. Sitman
ID: 41864254
did you see my question?

Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41864621
powershell
$output = @()
$searchuser = "NT AUTHORITY\SYSTEM"
$path = 'c:\temp'
$files = get-childitem $path -recurse
 foreach ($file in $files){
    
    $nacls =   get-acl $file.fullname
    if ($nacls.owner -eq $searchuser)
        {
        $object = New-Object -TypeName PSObject
        #$object | Add-Member -MemberType NoteProperty -Name Owner -Value $nacls.Owner
        $object | Add-Member -MemberType NoteProperty -Name Path -Value $nacls.Path
        $output += $object
        }
}
Write-Output ("Path Searched: {0}   Search User: {1}" -f $path, $searchuser)
$output | Split-Path -Leaf

Open in new window

1
 

Author Closing Comment

by:J.R. Sitman
ID: 41868832
Rich Copy was the best option.   Thanks
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question