Usershare permissions
Hello Experts, I hope that you can help me with this issue. We recently migrated our file shares to a new server. We use the home folder with AD to map out usershares. These accounts were updated via AD and all 600 employees can now access there shares and data on the new server. The problem is, the permissions are now out of whack. All users can access all other shares and make changes. If this were a brand new share with no usershares, this would be easy to fix. But i don't want to go through 600 shares and set permissions for that specific user and domain admins. Is there an easier way to do this or am I up the creek on this one?
Thank you
Thank you
ASKER
Haha, I think I have ; ). Unfortunately, I am the resident network admin and have "inherited" this mess so I don't have that much experience with Powershell. Any ideas where I could find such a script already built and that i can just adjust to suit this issue?
Thanks
Thanks
Using SetACL and PowerShell
$UserFoldersPath = "E:\UserData";
$UserFolders = Get-ChildItem $UserFoldersPath -Directory;
foreach ($UserFolder in $UserFolders)
{
SetACL.exe -on "$($UserFoldersPath)\$($UserFolder)" -ot file -actn ace -ace "n:Domain\$($UserFolder);p:change" -ace "n:system;p:full" -ace "n:Administrators;p:full" -actn setprot -op "dacl:p_nc;sacl:p_nc"
}ASKER
Thank you, I'll give it a whirl.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys, I ended up using the NTFS security module in PowerShell. Thanks you again and I copied that script you listed for future use. Have a good day.
Seriously, though, I would use a Powershell script to iterate through the user objects within AD, search the folder filled with user home folders for that user's folder and set the permissions on that folder as appropriate. The shares' permissions can be Everyone->Change, but the folder level permissions should be set per-user by the script.