magnum42
2010-04-30 16:31:01 UTC
Hi,
I have a problem with xcacls.vbs
We have 2 groups ready for each folder (one for Read, one for Modification
permissions).
For example :
Fold1
Fold2
Fold2_Sub1
Fold2_Sub2
Fold_2_Sub2_Sub1
Fold_2_Sub2_Sub2
...
cscript xcacls.vbs "\\server\g$\Share\Fold1" /E /G "DOM\Fold1-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold1" /E /G "DOM\Fold1-M":M /F
cscript xcacls.vbs "\\server\g$\Share\Fold2" /E /G "DOM\Fold2-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold2" /E /G "DOM\Fold2-M":M /F
cscript xcacls.vbs "\\server\g$\Share\Fold2\Fold2_Sub1" /E /G
"DOM\Fold2_Sub1-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold2\Fold2_Sub2" /E /G
"DOM\Fold2_Sub2-M":M /F
...
Why I do this, the read and change groups are ok on the first level, but the
go down every level on the files.
We also tried using the "/SPEC D" switch, but the permissions continue to
inherit every level, most of the time only on the files.
Each folder needs to have their two groups (read and change), but nothing
should inherit down to subfolders, except for the security ACE's put on top,
on the share itself.
I'm tired (and french), so I hope I'm clear enough. Please help.
Thanks a lot.
I have a problem with xcacls.vbs
We have 2 groups ready for each folder (one for Read, one for Modification
permissions).
For example :
Fold1
Fold2
Fold2_Sub1
Fold2_Sub2
Fold_2_Sub2_Sub1
Fold_2_Sub2_Sub2
...
cscript xcacls.vbs "\\server\g$\Share\Fold1" /E /G "DOM\Fold1-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold1" /E /G "DOM\Fold1-M":M /F
cscript xcacls.vbs "\\server\g$\Share\Fold2" /E /G "DOM\Fold2-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold2" /E /G "DOM\Fold2-M":M /F
cscript xcacls.vbs "\\server\g$\Share\Fold2\Fold2_Sub1" /E /G
"DOM\Fold2_Sub1-R":X /F
cscript xcacls.vbs "\\server\g$\Share\Fold2\Fold2_Sub2" /E /G
"DOM\Fold2_Sub2-M":M /F
...
Why I do this, the read and change groups are ok on the first level, but the
go down every level on the files.
We also tried using the "/SPEC D" switch, but the permissions continue to
inherit every level, most of the time only on the files.
Each folder needs to have their two groups (read and change), but nothing
should inherit down to subfolders, except for the security ACE's put on top,
on the share itself.
I'm tired (and french), so I hope I'm clear enough. Please help.
Thanks a lot.
--
Franck
http://supermarches.faire-le-bon-choix.fr
Franck
http://supermarches.faire-le-bon-choix.fr