Sign in to follow this  
Followers 0
tazdev

Folder problems

7 posts in this topic

I am stuck. Here is what I need to do, I have a script that will run on the user's PC. It notes the OS and the network printers installed. After so many logins it even backs up the user's favorites. However, I am using a counter in the text file created so that it only backs up every 15th time.

The problem is this: there has been a change in the security structure. The XP OS has it set so that regular user's have only read access to the main folder and subfolders. They have full access to the temp folder but since I have a counter in the TXT file and they clean that folder out I don't want it there. What I would like to know is: Is there a way to have a script that I run from my PC (I am an admin on all PC's) that will let me create a folder and set up the rights on the remote PC to allow users to have read/write permissions on that folder?

I know how to create the folder but the folder has inherited rights. Those have the user with no write permissions. I need them to have write permissions.

Any ideas? I am out of them.

Share this post


Link to post
Share on other sites



Are you an admin, or are you not?

If you are, then shouldn't you be able to achieve what you want by giving write access to all users for a particular folder? The other option is to change the 'security structure' but somehow I suspect you don't have control over that. ;)

Share this post


Link to post
Share on other sites

I know how to create the folder but the folder has inherited rights. Those have the user with no write permissions. I need them to have write permissions.

Any ideas? I am out of them.

This is a scrap from a gui that I use with Active Directory to change permissions on a remote machine. Please let me know if some of these lines are too cryptic and I'll translate. Basically I put the cacls.exe command into a batch file and then run it. Crude, but I don't have time to do any more with it and it works:

Case $msg = $go
 $SysC = "\\" & $SysSelect & $path
 if FileExists($SysC) = 1 Then                  
 $TarFold = '"\\' & $SysSelect & StringTrimLeft($TarFold,StringInStr($TarFold,"c$")-2)
 $caclpath = "c:\winnt\system32\cacls.exe " & "" & $TarFold & "" & " /T /E /G everyone:" & _ 
      $perm & " <\\server\yesfile"
 FileOpen("c:\temp\ChgFoldPerm.bat",2)
 FileWrite("c:\temp\ChgFoldPerm.bat",$caclpath)
 FileClose("c:\temp\ChgFoldPerm.bat")
 run(@comspec & ' /c ' & "c:\temp\ChgFoldPerm.bat")
 elseif FileExists($SysC) <> 1 Then 
 msgbox(48,"System not online",$SysSelect & " is not on line at this time!")    
 EndIf
EndSelect

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format

Share this post


Link to post
Share on other sites

This is a scrap from a gui that I use with Active Directory to change permissions on a remote machine. Please let me know if some of these lines are too cryptic and I'll translate. Basically I put the cacls.exe command into a batch file and then run it. Crude, but I don't have time to do any more with it and it works:

Looks like CACLS.EXE is what I am looking for.

Yes I have admin rights (as I noted already) on ALL PC's. However, I do not want to change the current security structure instituted by our director. All I want to do is make an install that will push the backup routine to each PC I select, then change the permissions on the folder it will create so that the users have read/write access to it. This is not so much a problem with 2000 as it is with XP. 2000 is not set up that way but we are doing something different with XP.

Thanks jefhal

Share this post


Link to post
Share on other sites

This is not so much a problem with 2000 as it is with XP. 2000 is not set up that way but we are doing something different with XP.

Make sure that "ForceGuest" is disabled on your XP systems. If it's turned on, you'll be authenticating as guest even though you should have admin rights.

If they're XP Home edition, you're out of luck.


[font="Tahoma"]"Tougher than the toughies and smarter than the smarties"[/font]

Share this post


Link to post
Share on other sites

Tested and working

used this line as the syntax. I modified it for the PC names and folder names. Worked very nicely. I looked on the target PC and checked the permissions. Domain Users has Read and Write rights and Admins have full control. Important to note that CACLS will REPLACE not add to the current security settings for the folder.

echo y| CACLS "\\<PCNAME>\C$\<FOLDER>" /G "Domain Users":C Administrators:F

Share this post


Link to post
Share on other sites

Important to note that CACLS will REPLACE not add to the current security settings for the folder.

Look up these parameters to avoid REPLACE: /T /E /G

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0