Microsoft KB Archive/180464

= How To Automate Folder Permissions =

Article ID: 180464

Article Last Modified on 2/27/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows NT Workstation 3.51
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Server 3.51
 * Microsoft Windows NT Server 4.0 Standard Edition

-



This article was previously published under Q180464





SUMMARY
It is sometimes necessary to assign permissions to a folder so that a particular User and the Administrators group can administer it, as in the case of Users Home Directories.



MORE INFORMATION
Using the following three files (Addperm.cmd, Addperm2.cmd, and Yes.txt) you can add the Administrators Group and the User (whose logon name must be the same as the folder name) to the Access Control List (ACL) on the folder. This method only uses CACLS; no resource kit tools are needed.

NOTE: This article assumes you have a USERS share that contains individual directories. Either retype or copy and paste the following information into a file called Addperm.cmd in the root directory of the drive that has the USERS directory.

Addperm.cmd
A simplified Addperm.cmd using a different dir command

REM You can delete/REM the following line for troubleshooting. @echo off IF (%1)== GOTO NoArgs Echo Creating directory listing... dir %1 /A:D /B > dir.txt for /F "delims= tokens=1" %%a in (dir.txt) do call addperm2.cmd %1 %%a echo - echo - Finished. echo - GOTO End
 * NoArgs

ECHO usage: ADDPERM  ECHO.
 * End

del dir.txt

Addperm2.cmd
Addperm2.cmd with examples added if %2==bytes GOTO :End REM Prefix %2 with the domainname\ if applying permissions to workstations or REM member server and place Quotes if groups contain a space. cacls %1\%2 /T /G Administrators:F MUG2000\%2:C "MUG2000\Domain Admins":F <\yes.txt
 * End

Yes.txt
The third file is a little more difficult.

Open a command prompt (Cmd.exe) and change directories to the root directory of the drive to which you have saved the other two files.

Type the following:

COPY CON YES.TXT

y



This creates a text file with the Y and ENTER needed to automate the CACLS command.

To use the batch files type the following command:

addperm c:\users

These batch files can easily be altered to add different permissions to the directories. The /t switch instructs CACLS to change the permissions on all subfolders if the users folder has them.

If a user account does not match the name of the directory, you receive the error message:

No mapping between account names and security IDs was done.

Additional query words: processing process automate

Keywords: kbhowto kbinfo KB180464

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.