Give Folder Ownership to User

Hello All,

We have file redirection set for Desktop and Documents to \\fileshare\userprof$\user\Desktop and \\fileshare\userprof$\user\Documents
We have Sync Center to sync offline files. Everything was working until the file share got too big and instead of increasing the volume, one of the sys admin used a file copy tool and moved everything over to another volume.

This caused users to have access denied issues. He added all the correct NTFS permissions but users were still getting access denied.
Users are able to UNC to the path and add/remove files as needed.

After investigating the issue, we found out that when he moved the folders he took ownership of the folders. This was causing the access denied.
I took ownership back for a few folders and it resolved the access denied issue. There is over 500 folders.

I've tried

icacls "\\cusfs01\userprof$\user1"		/setowner "domainname\user1"

Open in new window

But it errors out and says "This security ID may not be assisnged as the owner of this object"
The manual process of taking ownership works.

What I need help with is creating a powershell script to take ownership of the \\fileshare\userprof$\user folder and set the ownership to the owner.
The user folder is the same as the user ID for the users.

I've searched and found a few powershell script such as

This Article

But the script does not work because the users home directory is different from their profile. We have a directory for profile (issue) and home directory.
The profile syncs the desktop and document.

If you guys can point me in the right direction or help out that would be great!
xouvangAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Britt ThompsonSr. Systems EngineerCommented:
ICACLS may not like the UNC path. If your file server is an actual Windows Server you should try running it using local paths on the server.

Using PowerShell you can set the proper permissions using ACLs and it shouldn't care about the UNC paths -

$NetBIOSDN = "domainname"
$Username = "user1"
$Folder = "\\cusfs01\userprof$\$Username"
$Acl = (Get-Item $Folder).GetAccessControl("Access")
if($Acl)
{
    # Create the access rule with full control for the current user and set inheritance
    $Ar = New-Object System.Security.AccessControl.FileSystemAccessRule($Username,"FullControl","ContainerInherit,ObjectInherit","None","Allow")
    # Apply the access rule to the ACL
    $Acl.SetAccessRule($Ar)
    # Establish the owner object and set the user as the owner
    $Owner = New-Object System.Security.Principal.NTAccount("$NetBIOSDN\$Username")
    $Acl.SetOwner($Owner)
    # Apply the ACL to the destination folder
    $SetAcl = Set-Acl -Path $Folder -AclObject $Acl
}

Open in new window

xouvangAuthor Commented:
Thank you that worked when I ran it for one user but now I need help with reading the text file for all users.
Here's what I have:

$NetBIOSDN = "domain"
$Username = Get-Content "C:\User.txt"
ForEach ($user in $username)
{
$Folder = "\\cusfs01\userprof$\$Username"
$Acl = (Get-Item $Folder).GetAccessControl("Access")
if($Acl)
{
    # Create the access rule with full control for the current user and set inheritance
    $Ar = New-Object System.Security.AccessControl.FileSystemAccessRule($Username,"FullControl","ContainerInherit,ObjectInherit","None","Allow")
    # Apply the access rule to the ACL
    $Acl.SetAccessRule($Ar)
    # Establish the owner object and set the user as the owner
    $Owner = New-Object System.Security.Principal.NTAccount("$NetBIOSDN\$Username")
    $Acl.SetOwner($Owner)
    # Apply the ACL to the destination folder
    $SetAcl = Set-Acl -Path $Folder -AclObject $Acl
}}

Open in new window


It came back and listed all the users in one line instead of reading each line as a different user.

Any idea how I can make it read each line as a different user?

Thanks again!
xouvangAuthor Commented:
Any idea how I can make it read each line as a different user?
xouvangAuthor Commented:
I was able to find my own solution.

Thanks!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
xouvangAuthor Commented:
Found own solution
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.