Deploying a script to lock folders down so that users cannot access them
Hi Guys I have written a simple batch script to lock down a folder so that domain users cannot access it, and the script works as expected. What I have found after deploying it to the users is that the script makes its way to the PC's targeted but for some reason a percentage of unknown number of PC's do not kick off the script and on others it does. Yet the KACE log shows that the PC's have run the script. I then login to some of the PC's that have receive the script but have not run, then deploy the script again via KACE and then it runs successfully...??? Why would this be? Is there a way to track the effect of the script via KACE so that we can find out which ones have "Actually" run vs the PC's that have not and or vice versa?
Redacted version of the batch script
icacls "C:\Program Files\x\x\x\rdata\archive" /reset /T
icacls "C:\Program Files\x\x\\rdata\archive" /deny "jdg\domain users":(OI)(CI)f
icacls "C:\Program Files\x\x\x\rdata\archive" /grant:r "CREATOR OWNER":(oi)(ci)f
icacls "C:\Program Files\x\x\x\rdata\archive" /grant:r "SYSTEM":(oi)(ci)f
icacls "C:\Program Files\x\x\x\rdata\archive" /grant:r "Users":(oi)(ci)f
icacls "C:\Program Files\x\x\x\rdata\archive" /grant:r "administrators":(oi)(ci)f
icacls "C:\Program Files\x\x\x\rdata\archive" /inheritance:r
-
Does the KACE agent have rights to preform this task? - dedenker 8 years ago
-
Thanks Guys for the input, Flag makes it easier to track on which PC's it applies, just worried as to why it would not apply after deployment on some PC's. - elchupathingy78 8 years ago
Answers (2)
