Modify permission settings on multiple folders quickly
Here is the issue. Folder full of users folders, the root folder has \domain\admin full control. Then when a user folder is created I have to remove inheritable rights so I can give permission to ust the \user and the domain admin so everyone else must stay out.
Here is the issue. Folder full of users folders, the root folder has \domain\admin full control. Then when a user folder is created I have to remove inheritable rights so I can give permission to ust the \user and the domain admin so everyone else must stay out. Now about users or so all with their permissions for their flder only.
I ran into an issue with a user accidentally deleting their data, and bckup failed.
now I want to create a group for many users, and deny the delete permission, but leave change permission. if they want to delete files they will have to go through an admin(which is fine.)
Since inheriable rights is disabled I will need to go through ech folder permission setting one at a time and specifiy evrything. or will I?
If so, so be it, but would there hve been a better way of setting this up originally? if I do a new server sometime I'd like to o it right up front. It seems really weak to have to have inheritance on or off completely, without the ability to have inheritance AND explicit. (back when it was set up deny delete could have been set and today all would be well, but since it hasn't..)
Doing al of them really isn't that big of a deal, just some time, but for the future i'd like to set it up better in the first place, which can account for a global change like this, if anyone has any ideas.
If again later i want to apply a common extra permission to all folders, I will have to go through and do it all over again otherwise......
I ran into an issue with a user accidentally deleting their data, and bckup failed.
now I want to create a group for many users, and deny the delete permission, but leave change permission. if they want to delete files they will have to go through an admin(which is fine.)
Since inheriable rights is disabled I will need to go through ech folder permission setting one at a time and specifiy evrything. or will I?
If so, so be it, but would there hve been a better way of setting this up originally? if I do a new server sometime I'd like to o it right up front. It seems really weak to have to have inheritance on or off completely, without the ability to have inheritance AND explicit. (back when it was set up deny delete could have been set and today all would be well, but since it hasn't..)
Doing al of them really isn't that big of a deal, just some time, but for the future i'd like to set it up better in the first place, which can account for a global change like this, if anyone has any ideas.
If again later i want to apply a common extra permission to all folders, I will have to go through and do it all over again otherwise......
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
the best way i can think of would be to use vbscripting, www.technet.com then click on the script center and it has a cool things you can do with scripting. Give me a little bit and i will see if i can find an example for you.
http://www.myitforum.com/articles/11/view.asp?id=2926
the above link could get you started on what you need. If you are not familar with scripting let me know and i will try to rewrite it for your needs and show you were you can edit it yourself for future use.
the above link could get you started on what you need. If you are not familar with scripting let me know and i will try to rewrite it for your needs and show you were you can edit it yourself for future use.
Lets say, x:\users inherits and propogates. All the fodlers in users have inheritance currently disabled.
Let's say I want to add "\domain\joeshmoegroup" to have full control in all folders residing inside x:\users, but leave x:\users itself unmodified.
help with this would be very much appreciated.
Let's say I want to add "\domain\joeshmoegroup" to have full control in all folders residing inside x:\users, but leave x:\users itself unmodified.
help with this would be very much appreciated.
Dude i may have to eat my words. I can't find everything i need to get this to work. Normally microsoft has samples to do just about anything and you modify what you need from that (i am still new to scripting) and they don't have anything. I did find a sample script but you need a dll loaded that I am having difficulty getting my hands on. Basically i am saying don't count on me getting this but i am going to try my best to find out some more info for you (i recruited another friend who knows a little more about this)
