Question

Asked: Apr 30 2008 7:43 PM GMT
Asked by: Buddyfarr

mass security change on folders

Windows 2000 Server, Windows Server 2003, Folder security, User permissions, Windows Security

We have a script that sets up new users. It sets where the profile directory is to go but does not create it. When the user first logs in it creates the directory and works fine. What I have found is that when it creates it the only account that has access to it is the user's account. Local or Domain Admins do not have access unless I go in and take ownership of the directory. But If I do that the user's account gets taken off of the security tab. So I re-add the account and give them full access to the folder, sub-folders and files. Then replicate it throughout the directory. When the user logs in they get an access denied to the profile directory even though I have checked the files and they have the rights. I have since changed the script to setup the folder too and set the correct rights. What I need to know is if there is a way to add domain admins full control rights to all the existing profile directories without hosing the user's rights to the folder?

Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER

View History

RATE THIS ANSWER

0
Click to Vote:

0
0

Last Answered: May 28 2008 2:34 PM GMT by Alessandro.panzetta

Hello Buddyfarr,
can you post here the script you are talking about so i can have a look at it?
Bye

RSS - Discussions Help

Discuss This Answer

You must be logged-in to discuss a question. Log-in/Register

Buddyfarr | May 1 2008 12:30PM GMT

One update. I tried cacls from the command prompt and it says ACCESS DENIED when trying to add Domain Admins to the acl list. So that option does not work.

Question

mass security change on folders

Subscribe to Alerts! Get questions and answers delivered to your Inbox.

Answer Wiki (Improve, edit or add to this answer)

Discuss This Answer

Ask a Question

Browse IT Answers by Topic