EDIT: Apparently I don't have enough rep to answer my own question, so the answer is going here.
OKAY!
SO! I didn't exactly solve the problem… but I stopped using cacls.exe and started using icacls.exe and now it seems to work again.
The batch file now looks like this:
FOR /F "tokens=*" %%A IN (dirlist.txt) DO echo y| icacls "%%A" /T /C /Grant "Domain Admins":f "Some Group":f "some-security-group":f
Apparently, cacls is depreciated in 2k8 and doesn't behave the way you would expect it to anymore…
I may be looking into Mathieu's powershell solution anyway as this is something that will likely have to be done again in the future, and his way seems a lot cleaner.
Thanks for your help, everyone!
Okay, this should be a really simple task but its proving to be more complicated than I think it should be. I'm clearly doing something wrong, and would like someone else's input.
What I would like to do is parse through a file containing paths to directories and set permissions on those directories.
An example line of the input file. There are several lines, all formatted the same way, with a different path to a directory.
E:\stuff\Things\something else (X)\
(The file in question is generated under Cygwin using find to list all directories with "(X)" in the name. The file is then passed through unix2win to make it windows compatible. I've also tried manually creating the input file from within windows to rule out the file's creation method as the problem.)
Here's where I'm stuck… I wrote the following quick and dirty batch file in Windows XP and it worked without any issues at all, but it will not work in server 2k8.
Batch file code to run through the file and set permissions:
FOR /F "tokens=*" %%A IN (dirlist.txt) DO echo y| cacls "%%A" /T /C /G "Domain Admins":f "Some Group":f "some-security-group":f
What this is SUPPOSED to do (and does in XP) is loop through the specified file (dirlist.txt) and run cacls.exe on each directory it pulls from the file. The "echo y|" is in there to automagically confirm when cacls helpfully asks "are you sure?" for every directory in the list.
Unfortunately, however, what it DOES is fall into an infinite loop. I've tried surrounding everything after "DO" with quotes, which prevents the endless loop but confuses cacls so it throws an error.
Interestingly, I've tried running the code from after "DO" manually (obviously replacing the variable with the full path, copied straight from the file) at a command prompt and it runs as expected. I don't think it's the file or the loop, as adding quotes to the command to be executed prevents the loop from continuing past where it's supposed to… I really have no idea at this point. Any help would be appreciated. I have a feeling it's going to be something increadibly stupid… but I'm pulling my hair out so I thought I'd ask.
Best Answer
Would you accept to use powershell ? It could do the whole job, even avoiding the cygwin part.
The first way is to just do the loop through powershell:
Would leverage much more powershell by using it to change ACL:
more detail can be found here: http://technet.microsoft.com/en-us/library/ff730951.aspx