NOTE: See tip 3471 » How can I insure that administrators have access to a user's redirected folder?
I have scripted GrantAdmin.bat to grant Administrators full control of existing redirected user folders.
Since by default, only the user and the built in System account have Full Control of the redirected folder, you must run GrantAdmin.bat in the System account context:
Freeware application opens a CMD prompt in the System account context.
How do I schedule a job to run under the SYSTEM context?
The syntax for using GrantAdmin.bat is:
GrantAdmin ParentFolderPath
Where ParentFolderPath is the path to the parent folder whose first level sub-folders are named as a user's logon name, like Jerry.
NOTE: GrantAdmin.bat uses the Corrected version of SubInAcl.
In addition to granting Administrators Full Control, GrantAdmin.bat insure that the user is the owner of their redirected folder, sub-folders, and files.
GrantAdmin.bat contains:
@echo off if \{%1\}==\{\} @echo Syntax: GrantAdmin ParentFolderPath&goto :EOF if not exist %1 @echo Syntax: GrantAdmin %1 NOT found.&goto :EOF setlocal set parent=%1# set parent=%parent:"=% set parent=%parent:\#=% set parent=%parent:#=% pushd "%parent%" for /f "Tokens=*" %%a in ('dir /b /a "%parent%"') do ( echo y| cacls "%parent%\%%a" /T /E /C /g Administrators:F echo y| cacls "%parent%\%%a" /T /E /C /g "%USERDOMAIN%\%%a":F subinacl /noverbose /nostatistic /subdirectories "%parent%\%%a" /setowner="%USERDOMAIN%\%%a" subinacl /noverbose /nostatistic /subdirectories "%parent%\%%a\*.*" /setowner="%USERDOMAIN%\%%a" ) popd endlocal