Inheritance has been fixed in the previous post. Now, would it be nice to have some sort of a report that could find me folders/files that have wrong settings no matter how deep they are. This script would confirm that previous changes were successful.
We are going to look for a specific group in the ACL by parsing CACLS output.
In this example I’m looking for a “GG-ADM-S” group.
Here it is: Continue reading
From time to time our first line support guys were complaining that they have limited access to the users’ home drives. The access to their group is set on the root folder so that when the inheritance is enabled they should have Full Control. Unfortunately this is not always the case. Some of the deeper folders/files have custom NTFS settings where even local Administrators are not listed in the Security.
So, it’s been decided to make an order and fix all this. Obviously the number of folders/files is just huge, way over a million. Let’s see how scripting can help us here 🙂
First off all we need to clarify our requirements:
1. we want to have an NTFS configuration backup, just in case.
2. we need to ensure that current custom NTFS settings are going to remain.
3. we need to ensure that support team have access to all the folders and files no matter how deep they are in the structure. Continue reading