An efficient way to set permissions + inheritance on a NTFS is do this by Windows CMD (Batch) rather than by clicking trough all the dialogs like a madman.
Here is a case scenario where the usernames and the foldernames of the users are exact the same.
Example:
- Username: johndoe
- Foldername: johndoe
- Domain: sysstem
Define your domain or read it via the predefined variable (%USERDOMAIN%)
Set the location of your directory where the userfolders are located in.
The Script goes through all directories and sets the rights OI (Object Inheritance), CI (Container Inheritance), F (Full Permission).
“inheritance:d” copies the permission of the parent, breaks the inheritance and saves it to all child objects and containers recursivly.
@echo off
setLocal EnableDelayedExpansion
set dir=\fileserver01.sysstem.ataustriaviennausers
set domain=sysstem
set logfile=icacls.log
for /f "tokens=*" %%a in ('dir %dir% /b') do (
echo %%a>>%logfile%
icacls %dir%%%a /grant %domain%%%a:^(OI^)^(CI^)^(F^) /inheritance:d >> %logfile%
)
echo See %logfile% for Errors
pause
Here is an overview of how one can set the inheritance.
.gif "Microsoft NTFS Permission Inheritance")
If you are on a Windows Server 2003 SP2 x86 you will need the a patch from the Microsoft-site which will not require a restart since it might be only a simple bytepatch.
I am not sure if I could provide the patch here on my site so here is a link to download this patch. You need to register with an email-address so Microsoft could contact you if they made any changes on the patch.