first_page the funky knowledge base
personal notes from way, _way_ back and maybe today

Command Script: Setting Default NTFS Permissions for a Server

@ECHO OFF COLOR 4F ECHO ************************************************************** ECHO * This Command Script sets Default NTFS Permissions * ECHO * for the Ideal Windows 2000 Member Server. * ECHO * For more details, please recall MS KB Articles Q244600 * ECHO * and Q135268. * ECHO * Are you sure you want to continue? (Press Ctrl C to quit.) * ECHO * * ECHO * * ECHO * WARNING: Permissions for "Terminal Server User" * ECHO * may be lost by running this script. Please review Q244600 * ECHO * before running this script. Please report any errors * ECHO * in the script to rasx@songhaysystem.com. * ECHO * * ECHO ************************************************************** PAUSE

ECHO Setting NTFS Permissions... %SystemDrive%;CD \\

ECHO Setting %SystemDrive%\\Program Files (and subfolders)... ECHO y| CACLS "%SystemDrive%\\Program Files" /P Administrators:F "CREATOR OWNER:F" Users:R SYSTEM:F "Terminal Server User:C" ECHO y| CACLS "%SystemDrive%\\Program Files\\." /T /P Administrators:F "CREATOR OWNER:F" Users:R SYSTEM:F "Power Users:C" "Terminal Server User:C"

CLS ECHO Setting %SystemDrive%\\Documents and Settings... ECHO y| CACLS "%SystemDrive%\\Documents and Settings" /P Administrators:F "Power Users:R" Everyone:R Users:R SYSTEM:F ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\." /P Administrators:F "Power Users:R" Everyone:R Users:R SYSTEM:F

CLS ECHO Setting %SystemDrive%\\Documents and Settings\\Administrator (and subfolders)... ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\Administrator" /P Administrator:F Administrators:F SYSTEM:F ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\Administrator\\." /T /P Administrator:F Administrators:F SYSTEM:F

CLS ECHO Setting %SystemDrive%\\Documents and Settings\\All Users (and subfolders)... ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\All Users" /P Administrators:F "Power Users:C" Users:R Everyone:R SYSTEM:F ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\All Users\\." /T /P Administrators:F "Power Users:C" Users:R Everyone:R SYSTEM:F

CLS ECHO Setting %SystemDrive%\\Documents and Settings\\Default User (and subfolders)... ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\Default User" /P Administrators:F "Power Users:R" Users:R Everyone:R SYSTEM:F ECHO y| CACLS "%SystemDrive%\\Documents and Settings\\Default User\\." /T /P Administrators:F "Power Users:R" Users:R Everyone:R SYSTEM:F

CLS ECHO Setting %SystemRoot% (and selected folders)... ECHO y| CACLS %SystemRoot% /P Administrators:F "CREATOR OWNER:F" Everyone:R "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\." /P Administrators:F "CREATOR OWNER:F" Everyone:R "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Addins" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Addins\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Connection Wizard" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Connection Wizard\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Config" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Config\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Cursors" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Cursors\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Debug" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Debug\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Driver Cache" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Driver Cache\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Driver Cache\\I386" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Driver Cache\\I386\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Fonts" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Fonts\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Help" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Help\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Inf" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Inf\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Java" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Java\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Media" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Media\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MSAgent" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MSAgent\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MSApps" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MSApps\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MWW32" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\MWW32\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Registration" /P Administrators:F Everyone:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Registration\\." /P Administrators:F Everyone:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Repair" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Repair\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Security" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Security\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Speech" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Speech\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R Everyone:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R Everyone:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\CatRoot" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\CatRoot\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Com" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Com\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Config" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Config\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Dhcp" /P Administrators:F "CREATOR OWNER:F" "Power Users:R" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Dhcp\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:R" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Drivers" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Drivers\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\DTCLog" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\DTCLog\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Export" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Export\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\GroupPolicy" /P Administrators:F "Authenticated Users:R" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\GroupPolicy\\." /T /P Administrators:F "Authenticated Users:R" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\IAS" /P Administrators:F "CREATOR OWNER:F" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\IAS\\." /P Administrators:F "CREATOR OWNER:F" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Inetsrv" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Inetsrv\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Mui" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Mui\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Npp" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Npp\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\NtmsData" /P Administrators:F SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\NtmsData\\." /P Administrators:F SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Os2" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Os2\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Ras" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Ras\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Rocket" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Rocket\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Rpcproxy" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Rpcproxy\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Setup" /P Everyone:F ECHO y| CACLS "%SystemRoot%\\System32\\Setup\\." /P Everyone:F ECHO y| CACLS "%SystemRoot%\\System32\\ShellExt" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\ShellExt\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Spool" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" "Print Operators:F" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Spool\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" "Print Operators:F" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Wbem" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Wbem\\." /T /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Wins" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\System32\\Wins\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Temp" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" "Authenticated Users:C" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Temp\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" "Authenticated Users:C" SYSTEM:F ECHO y| CACLS "%SystemRoot%\\twain_32" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\twain_32\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Web" /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F ECHO y| CACLS "%SystemRoot%\\Web\\." /P Administrators:F "CREATOR OWNER:F" "Power Users:C" Users:R SYSTEM:F

CLS ECHO No more commands to process. ECHO End of Command Script. PAUSE

mod date: 2004-10-17T01:29:06.000Z