Solved

How do you remove all folder and file permissions?

Posted on 2016-10-27
11
97 Views
Last Modified: 2016-11-01
My assistant made a lot of permissions changes and now there are certain files that he is the only one listed in the security setting.   I want to remove the permissions from every folder, every file and then apply new ones.  How?
0
Comment
Question by:J.R. Sitman
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 6

Expert Comment

by:jorge diaz
ID: 41863314
log in to the server as admin, find the folders you want to modify permissions to, right click\properties\security add-remove users. make sure you leave the domain admin group or whichever group you are a member with full access, that takes care of the ntfs permissions. similar process but select Select advanced sharing instead of Security to take care of the share permissions.
0
 

Author Comment

by:J.R. Sitman
ID: 41863317
just tried your suggestion.  See attached

security.png
0
 
LVL 6

Assisted Solution

by:jorge diaz
jorge diaz earned 250 total points
ID: 41863322
i guess the other person has ownership of the file. when you go to security, select Advanced,  you'll see the owner listed on top, change it to your account or a group you're a member of, select the option to replace on sub-containers or subfolders, click on, and try again.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863338
Yes, you will need to take onwership ofthe directory objects & items below using the DOMAIN\Administrator or local server administrators group member, after that do the permission removal once again.
0
 

Author Comment

by:J.R. Sitman
ID: 41863351
I replaced the owner with my user name that didn't work.  Then with Administrator, that didn't work.  My assistant is still showing as the only person in the security settings.  Wouldn't moving the folder to another server, remove all the permissions?

security2.png
0
 
LVL 7

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 250 total points
ID: 41863375
jrsitman,

No, NTFS will still retain its permission eventhough you attached the drive to another server.
0
 
LVL 7

Accepted Solution

by:
Senior IT System Engineer earned 250 total points
ID: 41863380
One thing that you can try to do is to copy it across to different server and then remove the file permission as it is copying which can be done using

Robocopy:

robocopy \\SOURCE\Share  \\TARGET\Share /COPY:DAT /E /V /log:robocopyjob.txt /R:1 /W:1 /ZB

Open in new window


Or this GUI tool: https://blogs.technet.microsoft.com/keithcombs/2009/03/22/richcopy-bulk-file-copy-tool-released-get-it-here/
0
 

Author Comment

by:J.R. Sitman
ID: 41863996
Rich Copy seems to be working.  I'm still testing.   Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 

Author Comment

by:J.R. Sitman
ID: 41864254
did you see my question?

Is there a way to search a folder to find out what permissions are assigned to files.  In other words can I look for all files that have my assistants security assigned to them?
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 41864621
powershell
$output = @()
$searchuser = "NT AUTHORITY\SYSTEM"
$path = 'c:\temp'
$files = get-childitem $path -recurse
 foreach ($file in $files){
    
    $nacls =   get-acl $file.fullname
    if ($nacls.owner -eq $searchuser)
        {
        $object = New-Object -TypeName PSObject
        #$object | Add-Member -MemberType NoteProperty -Name Owner -Value $nacls.Owner
        $object | Add-Member -MemberType NoteProperty -Name Path -Value $nacls.Path
        $output += $object
        }
}
Write-Output ("Path Searched: {0}   Search User: {1}" -f $path, $searchuser)
$output | Split-Path -Leaf

Open in new window

1
 

Author Closing Comment

by:J.R. Sitman
ID: 41868832
Rich Copy was the best option.   Thanks
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question