0 Bewertungen0% fanden dieses Dokument nützlich (0 Abstimmungen)
45 Ansichten2 Seiten
KB article 125996 talks about the network share piece of it, but it does not talk about NTFS permissions. To backup share permissions, export the Shares registry key and Give it a file name such as shareperms.reg.
Originalbeschreibung:
Originaltitel
How to Back Up and Restore NTFS and Share Permissions - Ask the Directory Services Team - Site Home - TechNet Blogs
KB article 125996 talks about the network share piece of it, but it does not talk about NTFS permissions. To backup share permissions, export the Shares registry key and Give it a file name such as shareperms.reg.
KB article 125996 talks about the network share piece of it, but it does not talk about NTFS permissions. To backup share permissions, export the Shares registry key and Give it a file name such as shareperms.reg.
20/6/2557 How to Back Up and Restore NTFS and Share Permissions - Ask the Directory Services Team - Site
Home - TechNet Blogs
http://blogs.technet.com/b/askds/archive/2008/11/24/how-to-back-up-and-restore-ntfs-and-share-permissions.aspx 1/2 7 How to Back Up and Restore NTFS and Share Permissions Craig Landis 24 Nov 2008 12:22 PM Note that this content has also been added to the TechNet Wiki to allow for community editing. http://social.technet.microsoft.com/wiki/contents/articles/how-to-back-up-and-restore-ntfs-and-share- permissions.aspx From time to time we are asked how to backup and restore NTFS file system permissions as well as network share permissions. KB article 125996 talks about the network share piece of it, but it does not talk about NTFS permissions. One thing that has made the NTFS permissions piece of this simpler is the Icacls tool. Icacls was developed for Windows Vista as a replacement for tools such as Cacls, Xcacls, and Xcacls.vbs. It was also included in Service Pack 2 for Windows Server 2003 and Windows Server 2008. Backup and Restore of Share Permissions To backup share permissions, export the Shares registry key. 1. Open Regedit to the following location: HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares 2. Right-click the Shares registry key and select Export. Give it a file name such as shareperms.reg. When you want to restore the permissions, double-click shareperms.reg to import it back into the registry. Use the Reg tool to backup the registry key from the command line: reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares shareperms.reg If you need to restore it at some point, just run: reg import shareperms.reg Backup and Restore of NTFS Permissions Use this command to backup NTFS permissions: icacls d:\data /save ntfsperms.txt /t /c The /T switch allows it to get subfolder permissions too. The /C switch allows it to continue even if errors are encountered (although errors will still be displayed). Use this command to restore them: icacls d:\ /restore ntfsperms.txt Note that in the command to save the permissions, I specified the target folder D:\Data, but when I restored them, I specified just D:\ as the target. Icacls is a little funky like that, and heres why. If you open the text file with the exported permissions (ntfsperms.txt in the above example), youll see that Icacls uses relative paths (in bold below). Underneath the relative paths are the permissions for the folders in Security Descriptor Definition Language (SDDL) format. data D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU) (A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU) data\folder1 D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU) (A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU) data\folder2 D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU) (A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU) Had I specified D:\Data in the command to restore the permissions, it would have failed looking for a D:\Data\Data folder: D:\>icacls d:\data /restore perms.txt Microsoft's official enterprise support blog for AD DS and more All About Windows Server Cloud OS Blogs Datacenter Management Client Management Virtualization, VDI & Remote Desktop File & Storage & High Availability Windows Server Management Identity & Access Ask the Directory Services Team 20/6/2557 How to Back Up and Restore NTFS and Share Permissions - Ask the Directory Services Team - Site Home - TechNet Blogs http://blogs.technet.com/b/askds/archive/2008/11/24/how-to-back-up-and-restore-ntfs-and-share-permissions.aspx 2/2 Tweet 0 Save this on Delicious 4 Like Share 4 Comments Anonymous 27 Nov 2008 11:09 AM Anonymous 1 Dec 2008 5:25 PM James Fish 12 Dec 2008 6:03 PM d:\data\data: The system cannot find the file specified. Successfully processed 0 files; Failed processing 1 files You might think specifying D:\ as the target in the restore command may somehow mess up the permissions on other folders at that level, but as you can see from the ntfsperms.txt output file, it only has information about the Data folder and subfolders, so that is all it will change. - Craig Landis From time to time we are asked how to backup and restore NTFS file system permissions as well as network Looking for a quick way to capture the permissions on your existing file server in prep for a server Thanks for the tip! Alternatively this can be done with scriptlogic's security explorer that is a great solution for managing ntfs, share, sql, sharepoint and exchange permissions. With this tool you can view, edit, grant, revoke, clone and backup/restore any type of listed above permissions. http://www.scriptlogic.com/products/security-explorer