Question : Script to take ownership of specific folders in C & D drive for the logged in domain user and then add the logged in domain user with full permission in security

hi experts,

im using the link as reference:
http://www.experts-exchange.com/Programming/Languages/Q_26259995.html

How to modify the attached login script to include all of C drive folders except Documents and Settings, Program files, and WINDOWS directory? Since this is achieved though a domain login script (in VBS) via GPO, a code to check if permissions are already applied would be much appreciated. Otherwise, an alternative method can be discussed.

Background, we have just migrated our users' profile from the old to the new domain using the "Copy To" option. However, we encountered issues where users have created and saved their documents into their own folders in C drives with their old domain login. After migration, and when they login with their new profile, these folders were not editable due to permissions issues. We could individually assign permissions but a scripted solution would be more elegant and less helpdesk intensive. 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:

'------------------------------------------------------------
' Add New Domain User to NTFS ACL of D:\MyFolder 
'------------------------------------------------------------
If fso.FolderExists("D:\MyFolder") then
	wscript.stdout.write clear_line & "Modify ACL of D:\MyFolder Directory..."
	WshShell.run "cacls D:\MyFolder /G " & strNewDomain & "\" & strUserName & ":F /C /E /T",0,true	
End If

'------------------------------------------------------------
' Add New Domain User to NTFS ACL of all of C Drive folders ' except - Documents and Settings, Program files, WINDOWS 
'------------------------------------------------------------

...code here...

Answer : Script to take ownership of specific folders in C & D drive for the logged in domain user and then add the logged in domain user with full permission in security

Hi Kenny,

You can use a GPO to apply static (the same) ntfs permissions to a to directories as per this link: http://technet.microsoft.com/en-us/library/cc756952(WS.10).aspx

Or conversely, you can use SubinACL (part of the windows support tools to find and replace permissions): syntax provided here:http://www.robvanderwoude.com/subinacl.php
Random Solutions  
 
programming4us programming4us