# Full system file permissions issue.



## iarp (May 23, 2005)

Hey all, bit of a pickle. We had a 2003 SP2 box with a dying hard drive(like, 300kbps read only). The SMART data was reading TONS of errors.

Straight to the point, I stupidly did not use a bare metal backup program to save the data. And since all backup programs i had couldn't read the disk because of permission issues, i again stupidly went and reset ownership to my laptops user on EVERYTHING, including windows.

Come to the day I move the data back, i go to start it up and right away there are issues with windows trying to start but unable to access things. So i connect the drive back to my laptop and reset permissions to everyone, full control.

The system runs as is, but literally everything is currently "Everyone, full control". 

The machine is in no sense mission critical, it's just been an old demo machine with a single share on it. My query is, is there any known apps out there that can go through every file and folder and reset permissions back to stock windows install? Reinstall is an option if it comes down to it, but it currently runs and nobody is complaining, except me for security reasons.


----------



## Rockn (Jul 29, 2001)

How about importing the default security templates or preferably a system state backup?


----------



## Elvandil (Aug 1, 2003)

I've been through this before. It's no fun. About the closest you can get is using subinacl and following the directions on this page:

Reset All Permissions.

It's not really a reset to "default", but it's close and better than what you have now.


----------



## iarp (May 23, 2005)

All the security templates are missing and the machine came from someone else before me without any backups.


----------



## Elvandil (Aug 1, 2003)

Security templates will be of no help, anyway. You need to reset every file and folder, as you said. You can also reset the registry, but it doesn't sound like you made any changes there.

I have attached the bare, zipped subinacl.exe just in case you would rather not go through the whole installation process with the MSI. Just put the exe in your system32 folder.


----------

