
Script to set share permissions on home directories

Author
23 Feb 2009 2:23 AM
Greenmynci
I have a directory with ~1600 home folders in it that have incorrect share permissions - currently set to:

Administrators - full control
Everyone - Read

whereas I need them all to be

Administrators - full control
Everyone - Change / Read

NTFS permissions are fine, it's just the share permissions that need changing. Does anyone know of a script or method to set these permissions en masse?

Thanks in advance!

-- Greenmynci

Author
23 Feb 2009 6:48 AM
Al Dunbar
"Greenmynci" <Greenmynci.3o1jnb@DoNotSpam.com> wrote in message
news:Greenmynci.3o1jnb@DoNotSpam.com...
>
> I have a directory with ~1600 home folders in it that have incorrect
> share permissions - currently set to:
>
> Administrators - full control
> Everyone - Read
>
> whereas I need them all to be
>
> Administrators - full control
> Everyone - Change / Read
>
> NTFS permissions are fine, it's just the share permissions that need
> changing.  Does anyone know of a script or method to set these
> permissions en masse?

I might have something at work and will look it up tomorrow. In the
meantime, are the share names identical to the foldernames? If so, whatever
command (probably NET SHARE) will be used will be able to deduce the
sharename from the folder name as in:

    for /d %%F in (\\server\users$\*) do (
        rem %%~nxF is the folder name; the share name is the folder name plus $
        NET SHARE %%~nxF$  etc...
    )

Alternately, if all of your client O/S's are NT-based, you could modify the
home folder attribute from something like:

    \\server\username$

to:

    \\server\users$\username

Once that is done, you could delete the shares.


/Al
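
One way to do the bulk share-permission change asked about in this thread, as an added example that is not part of any post above. It assumes an elevated session on the file server, the SmbShare module (Windows Server 2012 or later), home folders directly under D:\users, and shares named after the folder plus `$`; the function name `Set-HomeShareAccess` is hypothetical.

```powershell
#requires -Modules SmbShare
# Added example. Assumes: elevated session on the file server, home folders
# directly under D:\users, each folder shared as "<foldername>$".
function Set-HomeShareAccess {
    [CmdletBinding(SupportsShouldProcess)]
    param([string]$Root = 'D:\users')

    foreach ($dir in Get-ChildItem -LiteralPath $Root -Directory) {
        $name   = $dir.Name + '$'
        $share  = Get-SmbShare -Name $name -ErrorAction SilentlyContinue
        $action = 'Unchanged'

        if (-not $share) {
            $action = 'NoShare'
        }
        elseif ($share.Path.TrimEnd('\') -ne $dir.FullName) {
            # Share name matches but it points somewhere else: do not touch it.
            $action = 'PathMismatch'
        }
        else {
            # Current share-level right held by Everyone (empty if none).
            $before = (Get-SmbShareAccess -Name $name |
                Where-Object { $_.AccountName -eq 'Everyone' -and
                               $_.AccessControlType -eq 'Allow' }).AccessRight
            if ("$before" -ne 'Change') {
                $action = 'NeedsChange'
                if ($PSCmdlet.ShouldProcess($name, 'Grant Everyone Change')) {
                    Grant-SmbShareAccess -Name $name -AccountName 'Everyone' `
                        -AccessRight Change -Force | Out-Null
                    $action = 'Granted'
                }
            }
        }
        # One report row per folder, so the run leaves an audit trail.
        [pscustomobject]@{ Share = $name; Path = $dir.FullName; Action = $action }
    }
}

# Dry run first; re-run without -WhatIf to apply and keep the report.
Set-HomeShareAccess -WhatIf | Group-Object Action | Select-Object Name, Count
```

Share permissions and NTFS permissions combine to the more restrictive of the two, so this change only widens access as far as the NTFS ACLs on each folder already allow.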

Author
23 Feb 2009 1:04 PM
Greenmynci
The folders are named after user IDs, i.e.

10445634
16482826
18457358
etc.

the respective shares are

10445634$
16482826$
18457358$

I can't change the parent folder structure (D:\users\<homefolder>), as the home folders are created using an import script which relies on a fixed path and is out of my control.

Thanks for your help with this.

-- Greenmynci

Author
25 Feb 2009 6:18 PM
Al Dunbar
"Greenmynci" <Greenmynci.3o2bfc@DoNotSpam.com> wrote in message
news:Greenmynci.3o2bfc@DoNotSpam.com...
>
> The folders are named after user IDs, i.e.
>
> 10445634
> 16482826
> 18457358
> etc.
>
> the respective shares are
>
> 10445634$
> 16482826$
> 18457358$
>
> I can't change the parent folder structure (D:\users\<homefolder>), as
> the home folders are created using an import script which relies on a
> fixed path and is out of my control.
>
> Thanks for your help with this.

Sorry, but I could not find what I said I might have at work regarding
setting permissions on shares. I might have been thinking of folders when I
said that.

That said, if your import script creates the folders, and presumably shares
them and applies the permissions, does it also set the user's account to
reference that share?

Regardless, if you can modify the home folder attribute of the user accounts
from \\server\usernameshare$ to give a UNC path to the folder, then the
permissions on the share will have no effect.

For example, my home folder is contained in folder "E:\Users\", which is
shared as \\servername\users$. My home folder was originally shared out
separately as something like \\servername\Al$, which is the value that was
originally used for my home folder attribute.

Without changing anything on the fileserver, I was able to change the home
folder attribute from \\servername\Al$ to \\servername\Users$\Al. Of course,
we did this, not just for me, but for all users. We then deleted all the
individual shares as they were no longer required.

The benefits:

- fewer shares need to be defined on the server;
- we do not need to remember to modify the share as required when a home
folder is deleted, renamed, or relocated;
- we never have orphaned shares to delete.

the only problem I am aware of:

- not well supported on w98 clients.


/Al
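
The home folder attribute change described in the post above, as an added example that is not part of the original post. It assumes the ActiveDirectory module (RSAT), the server name `servername` and parent share `Users$` from the post, and that each per-user share `<name>$` maps to a folder `<name>` under the parent share; the function names are hypothetical.

```powershell
# Added example. Assumes the ActiveDirectory module and the naming in the post:
# old value \\servername\<name>$, new value \\servername\Users$\<name>.
Import-Module ActiveDirectory

function Convert-HomePath {
    param([string]$HomeDirectory, [string]$Server, [string]$ParentShare)
    # Match exactly \\server\<name>$ with no sub-path; leave anything else alone.
    $pattern = '^\\\\' + [regex]::Escape($Server) + '\\([^\\$]+)\$\\?$'
    if ($HomeDirectory -match $pattern) {
        $name = $Matches[1]
        # Never rewrite a value that already is the parent share itself.
        if (($name + '$') -ne $ParentShare) {
            return "\\$Server\$ParentShare\$name"
        }
    }
    return $null
}

function Update-HomeDirectory {
    [CmdletBinding(SupportsShouldProcess)]
    param([string]$Server = 'servername', [string]$ParentShare = 'Users$')

    Get-ADUser -Filter 'homeDirectory -like "*"' -Properties HomeDirectory |
        ForEach-Object {
            $new = Convert-HomePath $_.HomeDirectory $Server $ParentShare
            if (-not $new) { return }            # not a per-user share path
            if (-not (Test-Path -LiteralPath $new)) {
                # Folder not reachable through the parent share: do not repoint.
                Write-Warning "$($_.SamAccountName): $new not reachable, skipped"
                return
            }
            if ($PSCmdlet.ShouldProcess($_.SamAccountName, "homeDirectory -> $new")) {
                Set-ADUser -Identity $_ -HomeDirectory $new
            }
            [pscustomobject]@{ User = $_.SamAccountName
                               Old  = $_.HomeDirectory; New = $new }
        }
}

# Review the proposed changes before applying them.
Update-HomeDirectory -WhatIf | Format-Table -AutoSize
```

Delete the individual shares only after every account that referenced them has been repointed, otherwise users whose attribute still names the old share lose their home drive mapping.
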
Author
8 Mar 2009 3:01 PM
Lanwench [MVP - Exchange]
Al Dunbar <aland***@hotmail.com> wrote:
> "Greenmynci" <Greenmynci.3o2bfc@DoNotSpam.com> wrote in message
> news:Greenmynci.3o2bfc@DoNotSpam.com...
>>
>> The folders are named after user IDs, i.e.
>>
>> 10445634
>> 16482826
>> 18457358
>> etc.
>>
>> the respective shares are
>>
>> 10445634$
>> 16482826$
>> 18457358$
>>
>> I can't change the parent folder structure (D:\users\<homefolder>),
>> as the home folders are created using an import script which relies
>> on a fixed path and is out of my control.
>>
>> Thanks for your help with this.
>
> Sorry, but I could not find what I said I might have at work regarding
> setting permissions on shares. I might have been thinking of folders
> when I said that.
>
> That said, if your import script creates the folders, and presumably
> shares them and applies the permissions, does it also set the user's
> account to reference that share?
>
> Regardless, if you can modify the home folder attribute of the user
> accounts from \\server\usernameshare$ to give a UNC path to the
> folder, then the permissions on the share will have no effect.
>
> For example, my home folder is contained in folder "E:\Users\", which
> is shared as \\servername\users$. My home folder was originally
> shared out separately as something like \\servername\Al$, which is
> the value that was originally used for my home folder attribute.
>
> Without changing anything on the fileserver, I was able to change the
> home folder attribute from \\servername\Al$ to
> \\servername\Users$\Al. Of course, we did this, not just for me, but
> for all users. We then deleted all the individual shares as they were
> no longer required.
> The benefits:
>
> - fewer shares need to be defined on the server;
> - we do not need to remember to modify the share as required when a
> home folder is deleted, renamed, or relocated;
> - we never have orphaned shares to delete.
>
> the only problem I am aware of:
>
> - not well supported on w98 clients.
>
>
> /Al

Hear, hear. I don't even use home directories anymore (folder redirection
via group policy works a lot more easily). But even so, no individual user
shares. They are an absolute nightmare to manage.
