JSI Tip 5640. How do I set or reset permissions on all users home folders?

If you wish to grant all users Change or Full Control permission on their home folders, and grant administrators Full Control, you can run SetPerm.bat on the server that houses their home folders.

SetPerm.bat assumes that each user has a UserName folder under a parent folder.

The syntax for using SetPerm.bat is:

SetPerm "Drive:\Directory of Users Parent Folder" "Domain Name" \[C or F\]

Where:

"Drive:\Directory of Users Parent Folder" is the parent folder, like C:\Users, under which user folders exist, like C:\Users\Jerry.

"Domain Name" is the NetBIOS domain name, like JSIINC.

  C or F is optional. It is the permission to grant the user. The default is Change.

NOTE: Quote marks are only required if a parameter contains space characters.

NOTE: No special tools are required to run SetPerm.bat. It uses CACLS.EXE, which installs with the operating system.

SetPerm.bat contains:

@echo off
setlocal
IF \{%1\}

\{\} GOTO bad IF \{%2\}

\{\} GOTO bad IF NOT EXIST %1 GOTO bad IF \{%3\}

\{\} set perm=C&goto ok if \{%3\}

\{C\} set perm=C&goto ok if \{%3\}==\{F\} set perm=F&goto ok goto bad :ok set pf=%1 set dom=%2 set pf=%pf:"=% set dom=%dom:"=% for /f "Tokens=*" %%a in ('dir "%pf%" /AD /B') do set user=%%a&call :parse endlocal GOTO :EOF :bad @echo Usage: SetPerm "Drive:\Directory of Users Parent Folder" "NetBIOS Domain Name" \[C or F\] @echo. endlocal goto :EOF :parse for /f "Tokens=5*" %%c in ('echo Y^| cacls "%pf%\%user%" /T /G Administrators:F "%dom%\%user%":%perm% "%dom%\Domain Admins":F') do @echo %%d


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish