Created
October 24, 2017 23:51
-
-
Save dot1q/9965f90560fa6f2bf9eb64b4f367341b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
Script to reset user folder permissions. | |
Uses: icacls.exe and takeown.exe | |
Tested on Server 2008 R2 X64 | |
For all folders in base folder: | |
1. Recursively resets owner to Administrators | |
2. Reset folder to inherit permissions and apply to subfolders/files, clearing any existing perms | |
3. Add user (based on folder name) with full control and apply to subfolders/files | |
4. Recursivley reset owener to user (based on folder name) | |
#> | |
$mainDir = "E:\Profiles$\asdfasdf" | |
write-output $mainDir | |
$dirs = gci "$mainDir" |? {$_.psiscontainer} | |
foreach ($dir in $dirs){ | |
write-output $dir.fullname | |
takeown.exe /F $($dir.fullname) /R /D Y |out-null | |
icacls.exe $($dir.fullname) /reset /T /C /L /Q | |
icacls.exe $($dir.fullname) /grant ($($dir.basename) + ':(OI)(CI)F') /C /L /Q | |
icacls.exe $($dir.fullname) /setowner $($dir.basename) /T /C /L /Q | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment