replacing files and folders ownership in home drives

[Bertv]

When the previous network administrator migrated the user accounts from Novell to win 2003, he copied all the user's data into their new home drives (win 2003).
The problem is that he became the owner of the data and the user's disk quota works only with new files and folders.
Each user home drive is name as the username.
I needed a quick way to reassign proper ownership without manually scanning all the folders (1,600 users).
I had a couple of options like subinacl or chown. I opted for chown (Download Free Chown for Windows, Chown for Windows 1.0 Download).
It works well at the exception that it will give ownership of the root home drive to the student .
Not a problem as you can run it again and take ownership as an administrator.

Here are the 2 command lines to restore ownership of all the files and subfolders to a specific user:
chown -r student1 "D:\hwhs_users\students\student1\*"
chown administrator "D:\hwhs_users\students\student1\"

Quick and dirty solution: Scan the students folder, save the home drive name in an array then run Chown with these values:
Here is a small vbscript doing the job.

enjoy.

By the way, I use a nice free utility to find file and folders owned by a specific user: http://www.grimadmin.com/staticpages...php/file-owner
Bert



Set objShell = Wscript.CreateObject("Wscript.Shell")
Set FSO = CreateObject("Scripting.FileSystemObject")

userPath = "D:\hwhs_users\students\"

ShowSubfolders FSO.GetFolder(userPath)

Sub ShowSubFolders(Folder)
For Each Subfolder in Folder.SubFolders
aSplit = Split (Subfolder.path, "\")
UBound(aSplit)
If UBound(aSplit) > 1 Then
user = aSplit(Ubound(aSplit))
Home_drive = Subfolder.path & "\"
cmd1 = "chown -r " & user & " " & chr(34) & home_drive & "*" &chr(34)
cmd2 = "chown administrator " & chr(34) & home_drive &chr(34)
objShell.exec (cmd1)
objShell.exec (cmd2)
End If
Next
End Sub

[RabbieBurns]

I use this

NTFSFix

Its simple, and effective.

[Bertv]

I use this

NTFSFix

Its simple, and effective.

Does it replace the ownership of files and folders or does it replace only permissions?
Their is a difference between ownership and permissions. A user can be granted full access to a file that he doesn't own.
Disk quotas are based on ownership.

ownership.JPG

[sjatkn]

I had a similar problem and used a script which was something like this. Forgive any errors as I don't have access to the actual script I used, just a similar one which I have just tweaked for you.

Effectively it takes a folder as a parameter, enumerates the folders within in it and then changes the ownership using icacls. It also logs which folders have been processed and The assumption is that the home folder and the username are the same. You could easily adapt it to reset the file permissions as well just to ensure that all is as it should be.

Code:

' Reset ownership of the sub-folders of the given folder.

Option Explicit

Dim nArgs, objFSO, objFolder, objSubfolder, colSubFolders, strFolder, folderIdx, strSubFolder
Dim strLogDirectory, strProcessedLog
Dim objChildFolder, objSubSubFolder, strSubSubFolder, colChildFolders, strSubFolderName
Dim wshShell, strCmd

If Not WScript.FullName = WScript.Path & "\cscript.exe" Then
	wscript.echo "Rerun using cscript"
	wscript.quit
end if

strLogDirectory = "."
strProcessedLog = "resetFolders.log"

set objFSO = CreateObject("Scripting.FileSystemObject")

nArgs = WScript.Arguments.Count

If nArgs < 1 then
	WScript.Echo "usage: cscript Reset_Ownership.vbs Path_to_folders_to_be_reset. Example ""G:\home\pupils\05\"" "
	WScript.Quit
end If

strFolder = Wscript.arguments.item(0)
if strFolder = "" then
	wscript.echo "No Folder parameter was passed"
	wscript.quit
end if

wscript.echo "Top level folder " & strFolder
set objFolder = objFSO.GetFolder(strFolder)
set colSubfolders = objFolder.SubFolders

for each objSubfolder in colSubfolders
	strSubFolder = objSubfolder.path
	strSubFolderName = objSubfolder.name

	'wscript.echo "Resetting permissions in " & strSubFolder
	on error resume next

	' Reset account permissions
	set wshShell = WScript.CreateObject("Wscript.shell")

	strCmd = "icacls " & strSubFolder & " /setowner " & strSubFolderName & " /t /c" 
	wscript.echo strCmd

	call wshShell.run (stdCmd, 2, True)

	if err.number <> 0 then
		WriteAccountLog "Error setting ownership: " & strSubFolder & " Error: " & err.number & " " & err.description, Date, Time, strLogDirectory, strProcessedLog
	else
		WriteAccountLog "Reset ownership:  " & strSubFolder, Date, Time, strLogDirectory, strProcessedLog
	end If
	on error goto 0
	
next

wscript.echo "Folder reset completed. Check " & strLogDirectory & strProcessedLog & " for a list folders processed."

wscript.quit
	
function WriteAccountLog(strSubFolder, strDate, strTime, strLogDirectory, strLog)

	Dim objFSO, objFolder, objShell, objLogFile
	Dim strLogText

	strLogText = strSubFolder & "," & strDate & "," & strTime 

	' Open account log and account log files for appending.
	'Create the File System Object
	Set objFSO = CreateObject("Scripting.FileSystemObject")

	' Check that strLogDirectory exists
	If objFSO.FolderExists(strLogDirectory) then
		set objFolder = objFSO.GetFolder(strLogDirectory)
	else
		set objFolder = objFSO.CreateFolder(strLogDirectory)
	end if

	if objFSO.FileExists(strLogDirectory & strLog) then
		set objFolder = objFSO.GetFolder(strLogDirectory)
	else
		set objLogFile = objFSO.CreateTextFile(strLogDirectory & strLog)

		set objLogFile = objFSO.OpenTextFile (strLogDirectory & strLog, ForAppending, True)
		objLogFile.WriteLine("Processed Folder, Update Date,Update Time")
		objLogFile.close

	end If

	' without doing this a permissions error will probably occur
	set objFolder = nothing
	set objLogFile = nothing

	'OpenTextFile method needs a const value
	'ForAppending = 8
	'ForReading = 1
	'ForWriting = 2
	Const ForAppending = 8

	Set objLogFile = objFSO.OpenTextFile (strLogDirectory & strLog, ForAppending, True)

	objLogFile.WriteLine(strLogText)

	objLogFile.close
end Function

[Bertv]

Good one sjatkn

I found that a lot of people have hard time to differentiate between ownership and file access rights.
This is why I found 177,000 file and folders owned by the administrator in my user folders.
I will try to run your script on my test server.


Thanks for the reply