+ Post New Thread
Results 1 to 10 of 10
Wireless Networks Thread, Setting permissons on Userareas in Technical; Evening All, I'm in need of some help... Just had a phone call from a member of SMT . He ...
  1. #1
    Gonk's Avatar
    Join Date
    Aug 2007
    Location
    Haverfordwest, Pembrokeshire
    Posts
    535
    Thank Post
    124
    Thanked 100 Times in 73 Posts
    Rep Power
    71

    Exclamation Setting permissons on Userareas

    Evening All,

    I'm in need of some help...

    Just had a phone call from a member of SMT. He decided, because he couldn't access a pupils userarea, to replace all the permissions on the userarea share.

    This means that currently the SMT Group have full control and noone else can access it.

    This is a bit of an issue as I redirect my documents to the userarea share.

    I've had a look at http://www.edugeek.net/forums/networ...ns-issues.html and had a quick attempt top fix the issue using Ric_'s script.

    My users are set up like this:

    Under the root domain in active directory there is the pupils OU and under that, I have OU's for each year e.g. 2009 Pupils, 2008 Pupils etc

    All the users under 200x Pupils OU's then belong to a security group in the Users folder.

    I use the security group to redirect the users my dos to their userarea e.g. \\dc02\Students\2001\%username%

    I've modified the vbs script to mirror the set up:

    Set FSO = CreateObject("Scripting.FileSystemObject")
    Set ObjShell = Wscript.CreateObject("Wscript.Shell")

    ShowSubfolders FSO.GetFolder("D:\Students\2001")

    Sub ShowSubFolders(Folder)
    For Each Subfolder in Folder.SubFolders
    WScript.Echo "Folder = " & Subfolder
    userName = SubFolder.Name
    CMDLine1 = "cscript xcacls.vbs " & """" & Subfolder & """" & " /T /G staff:r ""Domain admins:f"" " & "academic\pupils\2001 Pupils" & userName & ":m"
    ' WScript.echo "Command = " & CMDline1
    WScript.Echo "Running XCACLS..."
    ObjShell.Run CMDLine1

    CMDLine2 = "chown -r " & userName & " """ & Subfolder & """"
    ' WScript.Echo "Command = " & CMDLine2
    WScript.Echo "Running CHOWN..."
    ObjShell.Run CMDLine2
    Next
    End Sub

    and it doesn't work. I get the error - Can not find user: <username>

    Can't see the wood for the trees now so any suggestions greatly accepted!

    Cheers

    Ross

  2. #2

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I'm not a VBS person, but at a very quick glance this bit looks wrong:

    "academic\pupils\2001 Pupils" & userName

    You need the <Domain>\<samAccountName> to end up there e.g. "CONTOSO\jbloggs". If your domain was called CONTOSO then that line should be:

    CMDLine1 = "cscript xcacls.vbs " & """" & Subfolder & """" & " /T /G staff:r ""Domain admins:f"" " & "CONTOSO\" & userName & ":m"

    PS: Uncomment the WScript.echo "Command = " & CMDline1 line so you can see whether it looks right.
    Last edited by PiqueABoo; 8th September 2009 at 08:37 PM. Reason: PS:

  3. Thanks to PiqueABoo from:

    Gonk (10th September 2009)

  4. #3
    round2it's Avatar
    Join Date
    May 2009
    Location
    UK
    Posts
    999
    Thank Post
    198
    Thanked 144 Times in 102 Posts
    Rep Power
    36
    Your SMT have that much access to the system.............OMG our system would die within an hour

    We only allow teachers to view pupils documents now as they used to have full access but things were going missing so now i only allow write access to the ICT teacher who does not have the sudden urge to press the delete key.

    Hope you get it fixed.

  5. Thanks to round2it from:

    Gonk (10th September 2009)

  6. #4

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,078
    Thank Post
    1,794
    Thanked 2,188 Times in 1,619 Posts
    Rep Power
    774
    Why do your SMT have this level of permissions on your server?

    Passwords need to be made available in case of runaway buses/swine flu, but should be kept in a locked safe well away from those who don't have the technical expertise!

    I think you need to get this issue raised asap. If you're not the NM, get him/her to do it! A little knowledge is a dangerous thing... which is why I work with a logon that has the same access as my teachers 90% of the time... I only use my domain admin login if I have to... accident prevention!

  7. Thanks to elsiegee40 from:

    Gonk (10th September 2009)

  8. #5
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    Use NTFS Fix from wisesoft. Nice simple GUI will let you set everything as you need it.

  9. Thanks to ChrisH from:

    Gonk (10th September 2009)

  10. #6
    Gonk's Avatar
    Join Date
    Aug 2007
    Location
    Haverfordwest, Pembrokeshire
    Posts
    535
    Thank Post
    124
    Thanked 100 Times in 73 Posts
    Rep Power
    71
    Quote Originally Posted by round2it View Post
    Your SMT have that much access to the system.............OMG our system would die within an hour

    We only allow teachers to view pupils documents now as they used to have full access but things were going missing so now i only allow write access to the ICT teacher who does not have the sudden urge to press the delete key.

    Hope you get it fixed.
    @elsiegee40 & round2it :

    All the doumentation is kept in the fireproof safe, along with the passwords in a sealed envelope. According to the said member of SMT, if myself or the PFY can't be contacted why shouldn't he use the information in the safe. It was an emergancy (in his mind).

  11. #7
    round2it's Avatar
    Join Date
    May 2009
    Location
    UK
    Posts
    999
    Thank Post
    198
    Thanked 144 Times in 102 Posts
    Rep Power
    36
    how did you get on.?

  12. Thanks to round2it from:

    Gonk (10th September 2009)

  13. #8
    Abaddon's Avatar
    Join Date
    Mar 2006
    Location
    Middlesex
    Posts
    599
    Thank Post
    70
    Thanked 68 Times in 63 Posts
    Rep Power
    60
    Quote Originally Posted by Gonk View Post
    @elsiegee40 & round2it :

    All the doumentation is kept in the fireproof safe, along with the passwords in a sealed envelope. According to the said member of SMT, if myself or the PFY can't be contacted why shouldn't he use the information in the safe. It was an emergancy (in his mind).
    I guess he's got his answer though! Those details are available here in case of an emergency that takes me or my tech out of the picture, but they would be given to a suitably qualified person from a support company at least. Nobody here on the SMT has any doubt about their ability to break everything if they touch it.

  14. Thanks to Abaddon from:

    Gonk (10th September 2009)

  15. #9
    Gonk's Avatar
    Join Date
    Aug 2007
    Location
    Haverfordwest, Pembrokeshire
    Posts
    535
    Thank Post
    124
    Thanked 100 Times in 73 Posts
    Rep Power
    71
    Hi all,

    many thanks for your help with this little issue!

    all fixed now!

    Cheers

    Ross

  16. #10

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,078
    Thank Post
    1,794
    Thanked 2,188 Times in 1,619 Posts
    Rep Power
    774
    Quote Originally Posted by Abaddon View Post
    I guess he's got his answer though! Those details are available here in case of an emergency that takes me or my tech out of the picture, but they would be given to a suitably qualified person from a support company at least. Nobody here on the SMT has any doubt about their ability to break everything if they touch it.
    SMT feel the same about their IT skills here... the biggest danger is our caretaker who thinks he knows a bit about computers... but the SMT have different ideas about his skills fortunately!

SHARE:
+ Post New Thread

Similar Threads

  1. Setting network save setting in Kar2ouche
    By Little-Miss in forum Windows
    Replies: 3
    Last Post: 12th December 2011, 03:44 PM
  2. Setting Up Moodle
    By IKWeb in forum Virtual Learning Platforms
    Replies: 9
    Last Post: 17th July 2009, 11:20 AM
  3. Setting up a new network
    By wesleyw in forum How do you do....it?
    Replies: 16
    Last Post: 12th March 2007, 09:57 AM
  4. AB Tutor setting
    By eastlondon in forum Windows
    Replies: 0
    Last Post: 29th September 2006, 11:46 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •