Chad(wik)’s Musings…

A Georgia Tech student on development and IT management

«
»

Resetting and Re-assigning Permissions for Home Directories and Folder Redirection in Windows 2008 R2

Posted by chadwik on September 16, 2010

I just wanted to post this quickly since I just got finished with testing it.  After moving a ton of user directories from Novell to a Microsoft share, I needed to reset permissions.

This quick and dirty method will look at the name of the user’s folder and attempt to apply ownership and modify permissions to the folder and everything below it for the constructed username %your_domain%\%folder_name%.

I say that it’s dirty because if the folder is not named the same as the user’s username, ownership and permissions simply won’t be applied.  It’s a quick way to get started though!

It’s useful to reset permissions for everything in the “home” directory (the one containing all of the user’s home folders) first by running

icacls %home_parent_dir% /reset /t

The script:

' Script to change file permissions on homedrive folders
' Author: Adapted from Ric Charlton's code by Chadwik
' ------------------------------------------------------

Set FSO = CreateObject("Scripting.FileSystemObject")
Set ObjShell = Wscript.CreateObject("Wscript.Shell")

ShowSubfolders FSO.GetFolder("D:\home")

Sub ShowSubFolders(Folder)
    For Each Subfolder in Folder.SubFolders
        WScript.Echo "Folder = " & Subfolder
	'This assumes that the username and subfolder are equal
	userName = SubFolder.Name

	'First set ownership of the path and all subfolders
	CMDLine0 = "icacls """ & Subfolder & """ /setowner %domain%\" & userName & " /t"
	WScript.Echo "Setting the owner of " & Subfolder
	ObjShell.Run CMDLine0

	'Now set the permissions on the directory so that all subfolders and files inherit ownership rights from the parent folder.  Then grant the user Modify access
	CMDLine1 = "icacls """ & Subfolder & """ /grant %domain%\" & username & ":(OI)(CI)M"
	WScript.Echo "Setting object and folder inheritance on the directory and applying modify permissions for the owner"
	ObjShell.Run CMDLine1

    Next
End Sub

Simply modify this script by changing the directory to run it against and adding your domain name.

Advertisement

This entry was posted on September 16, 2010 at 5:53 pm and is filed under Active Directory 2008, Work. Tagged: , , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

«
»
 
Follow

Get every new post delivered to your Inbox.