NTFS permissions

BARTMAN

Distinguished
Jun 16, 2004
10
0
18,510
Archived from groups: microsoft.public.win2000.file_system (More info?)

I have a server that was upgraded to win2k. When it was upgraded some of the
permissions for certain users must have got fouled up. For example I'm using
diskkeeper for defragentation. It is able to scan 95% of the users folders.
The other 5% will not scan. the evet ID is 26. It says The most common reason
Diskeeper cannot open files is because the permissions on the files are set
to deny the SYSTEM logon full control and gives me the name of the users. I
have tried to set the permission for the files using CACLS * /e /t /c /g
''YOUR_DOMAIN\Domain Admins'':F Administrators:F System:F at the root level.
This has no effect. This is also hindering the antivirus product (Norton
Corp). It cannot scan the user files on the server. What I have been able to
figure out is that when the folders are created under the user only they have
ownership and I cannot give admin full control to the folders through command
prompt. I can however do this through explorer but I don not want to go that
way for it would take me months to complete it. Is there any way to get
around this?
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.file_system (More info?)

On Thu, 17 Feb 2005 09:15:01 -0800, "bartman" <bartman@discussions.microsoft.com> wrote:

>I have a server that was upgraded to win2k. When it was upgraded some of the
>permissions for certain users must have got fouled up. For example I'm using
>diskkeeper for defragentation. It is able to scan 95% of the users folders.
>The other 5% will not scan. the evet ID is 26. It says The most common reason
>Diskeeper cannot open files is because the permissions on the files are set
>to deny the SYSTEM logon full control and gives me the name of the users. I
>have tried to set the permission for the files using CACLS * /e /t /c /g
>''YOUR_DOMAIN\Domain Admins'':F Administrators:F System:F at the root level.
>This has no effect. This is also hindering the antivirus product (Norton
>Corp). It cannot scan the user files on the server. What I have been able to
>figure out is that when the folders are created under the user only they have
>ownership and I cannot give admin full control to the folders through command
>prompt. I can however do this through explorer but I don not want to go that
>way for it would take me months to complete it. Is there any way to get
>around this?


Since the user has ownership, why not have a logon script set the system and admin to file on the user folders and files.


Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com