Folder Permissions Automation v1.0 by Synchrony Services (www.synchronyservices.co.uk) We've had a number of clients who need to either put granular permissions on their shared folders, or replace their existing shared permissions model. We wrote this tool to enable NTFS permissioning based on a spreadsheet for input. Using a spreadsheet to drive this tool allows for permissions that are being put in place to be signed off at management level prior to implementation. The spreadsheet uses the recommended Microsoft best practice as it's basis. Active Directory groups are used to permission the folders and users are added to the Active Directory groups. ********* INSTRUCTIONS FOR USE ****************** To use this tool, please ensure the following files are in the same directory: - SharedFolderPermissions.xlsx - Example Excel file with shared folder, group and user information - CreateGroups.exe - Executable to run to create groups listed in creategroups.csv - CreateGroups.csv - CSV file output from main spreadsheet with group creation information - Groups2Folders.exe - Executable to run to apply groups to folders as per the information in groups2folders.csv - Groups2Folders.csv - CSV file output from main spreadsheet with folder permission information - OU.txt - the OU to your group creation location, eg, OU=Security Groups,OU=Groups,OU=FTP,DC=mydomain,DC=local - Users2Groups.exe- Executable to run to assign users to groups listed in users2groups.csv - Users2groups.csv - CSV file output from main spreadsheet with users and group assignment information - (Windows 2003 and previous) Windows2000and2003-Groups2Folders.exe - Required if you are using Windows 2003 or previous - Executable to run to apply groups to folders as per the information in groups2folders.csv - (Windows 2003 and previous) XCACLS.vbs - Required if you are using Windows 2003 or previous ** All executables must be run as Administrator (right click -> Run as Administrator) PRE-REQUISITE. Please apply any generic permissions to your folder structures prior to running these tools. Eg, Domain Admins/Full Control, System/Full Control etc. as this tool will EDIT permissions and not REPLACE them. STEP 1. Populate the SharedFolderPermissions spreadsheet with all the necessary information as per the example spreadsheet. For Column C in the Groups2Folders tab, use the following for determining which character to put down for which permission: N - no access F - full access M - modify access RX - read and execute access R - read-only access W - write-only access D - delete access STEP 2. Edit the OU.txt file and enter the location of the Active Directory OU where you want to create the groups, eg, OU=Security Groups,OU=Groups,OU=FTP,DC=mydomain,DC=local STEP 3. Save the CreateGroups tab of the spreadsheet as a CSV file named CreateGroups.csv in the same folder location as the tools STEP 4. Save the Users2Groups tab of the spreadsheet as a CSV file named Users2Groups.csv in the same folder location as the tools STEP 5. Save the Groups2Folders tab of the spreadsheet as a CSV file named Groups2Folders.csv in the same folder location as the tools STEP 6. Run the CreateGroups.exe file (right click -> Run as Administrator) to create the groups and review the output. If there are any errors reported, ensure your input data is correct STEP 7. Run the Users2Groups.exe file (right click -> Run as Administrator) to add users to the specified groups and review the output. If there are any errors reported, ensure your input data is correct STEP 8. (Windows 2008 and above). Run the Groups2Folders.exe file (right click -> Run as Administrator) to assign groups to folders and review the output. If there are any errors reported, ensure your input data is correct STEP 9. (Windows 2003 and previous). Run the Windows2000and2003Groups2Folders.exe file (right click -> Run as Administrator) to create the groups and review the output. If there are any errors reported, ensure your input data is correct For any questions or queries, please visit wSynchrony Services (www.synchronyservices.co.uk) *Please Note - Synchrony Services (www.synchronyservices.co.uk) are not responsible for the mis-use of these tools or any outcomes perceived to be the result of the toolsets. Please ensure you run these tools in a test scenario first to confirm the functionality is as desired. *If required, we can give access to the source code for security reasons, however to ensure intellectual rights, this would be subject to an NDA and negotiated cost.