Backup and Restore of Share Permissions
To backup share permissions, export the Shares registry key.
- Open Regedit to the following location:HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares
- Right-click the Shares registry key and select Export. Give it a file name such as shareperms.reg.
When you want to restore the permissions, double-click shareperms.reg to import it back into the registry.
Use the Reg tool to backup the registry key from the command line:
reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares shareperms.reg
If you need to restore it at some point, just run:
reg import shareperms.reg
Backup and Restore of NTFS Permissions
Use this command to backup NTFS permissions:
icacls d:\data /save ntfsperms.txt /t /c
The /T switch allows it to get subfolder permissions too. The /C switch allows it to continue even if errors are encountered (although errors will still be displayed).
Use this command to restore them:
icacls d:\ /restore ntfsperms.txt
Note that in the command to save the permissions, I specified the target folder D:\Data, but when I restored them, I specified just D:\ as the target. Icacls is a little funky like that, and here’s why.
If you open the text file with the exported permissions (ntfsperms.txt in the above example), you’ll see that Icacls uses relative paths (in bold below). Underneath the relative paths are the permissions for the folders in Security Descriptor Definition Language (SDDL) format.
data
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
data\folder1
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
data\folder2
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
Had I specified D:\Data in the command to restore the permissions, it would have failed looking for a D:\Data\Data folder:
D:\>icacls d:\data /restore perms.txt
d:\data\data: The system cannot find the file specified.
Successfully processed 0 files; Failed processing 1 files
You might think specifying D:\ as the target in the restore command may somehow mess up the permissions on other folders at that level, but as you can see from the ntfsperms.txt output file, it only has information about the Data folder and sub folders, so that is all it will change.
Source : http://blogs.technet.com/b/askds/archive/2008/11/24/how-to-back-up-and-restore-ntfs-and-share-permissions.aspx
http://social.technet.microsoft.com/wiki/contents/articles/408.how-to-back-up-and-restore-ntfs-and-share-permissions.aspx
Hi, I tested export share permission and did not work on my Windows 7 SP1 x86.
I did not tested yet NTFS permission.
Did you test it and is it works for you?
I have test it on windows server 2008 R2 and not windows clients like windows 7 or windows 8
Thanks for your replay. I’ll test it.
Please give me your feedback when you finish
Hi John,
I tested backup and restore NTFS permission on Widnows Server 2008R2/2012R2 and it’s works fine. The backup share permission works but when I deleted share or share permission from folder they don’t restored.
Could you please describe step-by-step how you tested restore share permission?
as you did exactly , move files to the same path as the original path , move the registry keys and restart the server , and i found the shares exist