@ECHO OFF :: Check if running in Windows Server 2003 IF NOT "%OS%"=="Windows_NT" GOTO Syntax VER | FIND.EXE "5.2.3790]" >NUL || GOTO Syntax :: User ID should be specified on the command line IF "%~1"=="" GOTO Syntax IF NOT "%~2"=="" GOTO Syntax ECHO."%~1" | FIND.EXE "?" >NUL && GOTO Syntax :: Check if logged on to a domain IF "%UserDomain%"=="%ComputerName% GOTO NoDomain :: Check validity of specified user ID DSQUERY.EXE User -samid "%~1" 2>NUL | FIND.EXE "=" >NUL || GOTO UserNotFound :: Check availablility of third party tools SET Abort=0 TSCMD.EXE /? 2>&1 | FIND.EXE /I "http://www.systemtools.com" >NUL || CALL :DownloadTsCmd CHOWN.EXE /? 2>&1 | FIND.EXE /I "Alexander Frink" >NUL || CALL :DownloadChOwn NLTEST.EXE /? 2>&1 | FIND.EXE /I "/QUERY" >NUL || CALL :InstallNlTest VER | XCACLS.EXE /? 2>&1 | FIND.EXE /I "Permissions" >NUL || CALL :DownloadXCacls IF "%Abort%"=="1" GOTO:EOF :: Check again TSCMD.EXE /? 2>&1 | FIND.EXE "http://www.systemtools.com" >NUL || GOTO Syntax CHOWN.EXE /? 2>&1 | FIND.EXE "Alexander Frink" >NUL || GOTO Syntax NLTEST.EXE /? 2>&1 | FIND.EXE "/QUERY" >NUL || GOTO Syntax VER | XCACLS.EXE /? 2>&1 | FIND.EXE "XCACLS" >NUL || GOTO Syntax :: Keep variables local SETLOCAL :: Retrieve PDC name; delims is a dot, followed by a space and a tab FOR /F "tokens=1 delims=. " %%A IN ('NLTEST.EXE /DSGETDC:%UserDomain% 2^>NUL ^| FIND.EXE "[PDC]"') DO SET PDC=%%A IF NOT DEFINED PDC GOTO NoPdcFound :: Retrieve user's profile path FOR /F "tokens=*" %%A IN ('DSQUERY.EXE User -samid "%~1" 2^>NUL ^| DSGET.EXE User -profile 2^>NUL ^| FIND.EXE "\"') DO SET Profile=%%A :: Retrieve user's Terminal Server profile path FOR /F "tokens=*" %%A IN ('TSCMD.EXE %PDC% "%~1" TerminalServerProfilePath 2^>NUL') DO FOR %%B IN (%%A) DO SET TsProfile=%%B :: Set ownership and permissions for profile directories IF DEFINED TsProfile CALL :Own "%TsProfile%" IF DEFINED Profile CALL :Own "%Profile%" :: Done ENDLOCAL GOTO:EOF :Own :: Display ownership and permissions before, for optional logging DIR /Q "%~1*" CACLS.EXE "%~1" :: Take ownership -- to make absolutely sure this will succeed, use both TAKEOWN and CHOWN TAKEOWN.EXE /F "%~1" /A CHOWN.EXE -r -q Administrators "%~1\*.*" CHOWN.EXE -r -q Administrators "%~1\NTUSER.*.*" CHOWN.EXE -r -q Administrators "%~1\Application Data" FOR %%A IN (DAT DAT.LOG INI POL) DO TAKEOWN.EXE /F "%~1\NTUSER.%%A" /A :: Set permissions -- Administrators, SYSTEM and the user himself, all Full control ECHO Y| CACLS.EXE "%~f1" /T /C /G "BUILTIN\Administrators":F XCACLS.EXE "%~f1" /T /E /C /G "NT AUTHORITY\SYSTEM":F XCACLS.EXE "%~f1" /T /E /C /G "%UserDomain%\%~n1":F :: Return ownership to user CHOWN.EXE -r -q -d %UserDomain% "%~n1" "%~f1\*.*" :: Display ownership and permissions afterwards, for optional logging DIR /Q "%~1*" CACLS.EXE "%~1" ECHO. GOTO:EOF :DownloadTsCmd SET Answer=N ECHO This batch file requires TsCmd to retrieve the Terminal Server Profile path. SET /P Answer=Would you like to download this free tool now? [y/N] IF /I "%Answer%"=="Y" ( START http://www.systemtools.com/free_frame.htm ECHO Install TsCmd after downloading it and PAUSE ) ELSE ( SET Abort=1 ) GOTO:EOF :DownloadChOwn SET Answer=N ECHO This batch file requires ChOwn to set ownership of files and directories. SET /P Answer=Would you like to download this free tool now? [y/N] IF /I "%Answer%"=="Y" ( START http://wwwthep.physik.uni-mainz.de/~frink/chown/readme.html ECHO Install ChOwn after downloading it and PAUSE ) ELSE ( SET Abort=1 ) GOTO:EOF :DownloadXCacls SET Answer=N ECHO This batch file requires XCAcls to change permissions for files and directories. SET /P Answer=Would you like to download this free tool now? [y/N] IF /I "%Answer%"=="Y" ( START http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/xcacls-o.asp ECHO Install XCAcls after downloading it and PAUSE ) ELSE ( SET Abort=1 ) GOTO:EOF :InstallNlTest SET Answer=N ECHO This batch file requires NlTest to retrieve the PDC name SET /P Answer=Would you like to install this tool from your Windows CD-ROM now? [y/N] IF /I "%Answer%"=="Y" ( ECHO Insert your Windows server CD-ROM and install z:\Support\Tools\NLTEST.EXE, ECHO where z: should be replaced by the actual CD-ROM drive letter. PAUSE ) ELSE ( SET Abort=1 ) GOTO:EOF :NoDomain ECHO. ECHO This batch file requires Domain Administrator access. ECHO However, your computer is not even a domain member. ECHO Log on to a domain as a Domain Administrator and try again. GOTO Syntax :UserNotFound ECHO. ECHO Unknown user ID: %UserDomain%\%~1 :Syntax ECHO. ECHO SetOwn.bat, Version 1.00 for Windows Server 2003 ECHO Restore ownership and permissions for roaming ^(TS^) profile directories ECHO. ECHO Usage: SETOWN user_id ECHO. ECHO Where: user_id is the ^(SAM^) ID of the domain user whose roaming ECHO ^(TS^) profile directories need to be corrected ECHO. ECHO Notes: This batch file can only be run on a Windows Server 2003 server in a ECHO domain by a Domain Administrator. ECHO This batch files requires the following ^(third party^) support tools: ECHO CHOWN ^(http://wwwthep.physik.uni-mainz.de/~frink/chown/readme.html^), ECHO TSCMD ^(http://www.systemtools.com/^), XCACLS ^(http://www.microsoft.com/ ECHO windows2000/techinfo/reskit/tools/existing/xcacls-o.asp^) and NLTEST ECHO ^(\SUPPORT\TOOLS directory on the Windows server CD_ROM^). You will be ECHO prompted to download and/or install it if it isn't available. ECHO This is a powerful tool! Use it entirely at your own risk, and only if ECHO you understand what it will do and how. Do not use without testing. ECHO Have a recent, tested, full backup plus restore software ready. ECHO. ECHO Written by Rob van der Woude ECHO http://www.robvanderwoude.com