How To Automate Folder Permissions (180464)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0
This article was previously published under Q180464 SUMMARY
It is sometimes necessary to assign permissions to a folder so that a
particular User and the Administrators group can administer it, as in the
case of Users Home Directories.
MORE INFORMATION
Using the following three files (Addperm.cmd, Addperm2.cmd, and Yes.txt) you can add the Administrators Group and the User (whose logon name must be the same as the folder name) to the Access Control List (ACL) on the folder. This method only uses CACLS; no resource kit tools are needed.
NOTE: This article assumes you have a USERS share that contains individual directories.
Either retype or copy and paste the following information into a file
called Addperm.cmd in the root directory of the drive that has the USERS
directory.
Addperm.cmd
A simplified Addperm.cmd using a different dir command
REM You can delete/REM the following line for troubleshooting.
@echo off
IF (%1)==() GOTO NoArgs
Echo Creating directory listing...
dir %1 /A:D /B > dir.txt
for /F "delims= tokens=1" %%a in (dir.txt) do call addperm2.cmd %1 %%a
echo ---------
echo - Finished.
echo ---------
GOTO End
:NoArgs
ECHO usage: ADDPERM <Drive:\Directory of Users Parent Folder>
ECHO.
:End
del dir.txt
Addperm2.cmd
Addperm2.cmd with examples added
if %2==bytes GOTO :End
REM Prefix %2 with the domainname\ if applying permissions to workstations or
REM member server and place Quotes if groups contain a space.
cacls %1\%2 /T /G Administrators:F MUG2000\%2:C "MUG2000\Domain Admins":F <\yes.txt
:End
Yes.txt
The third file is a little more difficult.
Open a command prompt (Cmd.exe) and change directories to the root
directory of the drive to which you have saved the other two files.
Type the following:
COPY CON YES.TXT <press the enter key>
y<press the enter key>
<Press Control-Z to exit and save the file>
This creates a text file with the Y and ENTER needed to automate the
CACLS command.
To use the batch files type the following command:
These batch files can easily be altered to add different permissions to the
directories. The /t switch instructs CACLS to change the permissions on all subfolders if the users folder has them.
If a user account does not match the name of the directory, you receive
the error message:
No mapping between account names and security IDs was done.
| Modification Type: | Major | Last Reviewed: | 6/3/2003 |
|---|
| Keywords: | kbhowto kbinfo KB180464 |
|---|
|