In tip 1254, we granted users Full Control on files in their own folder (JSIFCUAll) or to all files in a specified folder (JSIFCU).

To grant users Full Control on files that they own in a common (specified) folder, we need to determine ownership.

To perform the subject task:

JSIFCOwner <Drive:>\Folder DomainName

JSIFCOwner.bat contains:

<b>@echo off
if NOT \{%2\}<h1><a name="_goto_begin_syntax_echo_Syntax_JSIFCOwner_Folder_DomainName_goto_end_begin_setlocal_set_folder_1_set_folder_folder_if_not_exist_folder_goto_syntax_set_domain_2_set_domain_domain_for_f_Tokens_i_in_dir_b_a_d_s_folder_do_call_files_i_endlocal_goto_end_files_set_file_1_for_f_Tokens_1_i_in_subinacl_noverbose_file_file_do_call_doit_i_j_goto_end_doit_if_i_not_1">\{\} goto begin
:syntax
@echo Syntax: JSIFCOwner Folder DomainName
goto end
:begin
setlocal
set folder=%1
set folder=%folder:"=%
if not exist "%folder%\*.*" goto syntax
set domain=%2
set domain=%domain:"=%
for /f "Tokens=*" %%i in ('dir /b /a-d /s "%folder%"') do call :files "%%i"
endlocal
goto end
:files
set file=%1
for /f "Tokens=1*" %%i in ('subinacl /noverbose /file %file%') do call :doit "%%i" "%%j"
goto end
:doit
if /i not %1</a></h1>"/owner" goto end
set user=%2
set user="%user:~2,99%
set work=%user%
set work=%work:"=%
for /f "Tokens=1 Delims=\" %%i in ('@echo %work%') do set auth=%%i
if /i not "%domain%"=="%auth%" goto end
CACLS %file% /E /C /P %user%:F
:end</b>
NOTE: SubInACL causes this batch job to run very slowly.