Rob van der Woude's Scripting Pages

FOR loops example

Restore all homedir shares on an NT Server

The possibilities of FOR's new switches introduced in NT 4 never cease to amaze me.

Once, a long time ago in a galaxy far far away, the OS of our Home and Profile server left for the eternal hunting grounds.
As might be expected, that's the moment I found out that every backup ever made had failed to backup anything, for this server only. Never trust Murphy to do your backups right.
First I connected the deceased server's hard disk to the spare server's second SCSI adapter.
After copying all relevant files to the spare server's own hard disk, only a few commands sufficed to get it up and running.

Some assumptions:

Check and modify wherever necessary!

The following code, executed from the server console (2), might save the day:


Of course, you should replace %% with % when you type the commands on the command line.

Notes: (1) For Windows Server 2003, append /GRANT:Everyone,Full at the end of the NET SHARE command.
Before Windows Server 2003, this was the default for a newly created share, but Windows Server 2003 defaults to Read permissions only for Everyone on new shares.
  (2) Instead of taking place behind the server console, you can also use the RCMD utility from the Microsoft ® Windows NT ® Server 4.0 Resource Kit or PSExec by SysInternals in which case you'd better use a batch file and copy that to the server first) to execute this command on the server from your own console. Make sure the server can find the batch file by placing it in the server's path or by specifying the batch file's full path and file name.
  (3) To add a little more security, one more CACLS command line should be added (in this sequence!):
FOR /D %%A IN (*) DO XCACLS D:\USERS\HOME\%%A /T /C /P /Y /G Administrators:F
You need to be a member of the Administrators group to do this, since the first CACLS command line replaces existing access rights.
I prefer to use the Resource Kit's XCACLS instead of CACLS when replacing permissions (/P switch combined with XCACLS' /Y switch).
CACLS asks for confirmation when the /P switch (replace permissions) is used. XCACLS /P /Y will replace permissions without confirmation.
If you do not have the Resource Kit, use this command instead:
FOR /D %%A IN (*) DO (ECHO Y| CACLS D:\USERS\HOME\%%A /T /C /P /G Administrators:F)
Note that there should be no space between the Y and the |
If this is done on a new server, it is much easier to use the following command only once, and not in the FOR loop:
CACLS D:\USERS\HOME /T /C /P /G Administrators:F
By the way, forget the /T switch in Windows 2000 or Server 2003, unless you migrated from NT 4.
Of course, using ROBOCOPY from the Resource Kit to copy the files would be the smartest solution, since it will copy the permissions too when used with the /SEC switch.
I wish I had known that at the moment of the crash.


Click to view source Click to download source

page last modified: 2011-03-04