Fix/reset Windows home folder permissions


Your domain users may start complaining that they cannot access their own files/documents in their home folders. The problem can be triggered by a help desk or file migration operation, and it can usually be solved by fixing/resetting permissions. Here is a recipe:

  • Make sure that the HOME root directory has the permissions below:
    SYSTEM - Full - This folder, subfolders and files only
    Domain Admins - Full - This folder, subfolders and files only
    CREATOR OWNER - Full - Subfolders and files only
    Domain Users - Traverse folder ... + List folder ... + Read attributes + Create folders ... + Read permissions - This folder only

ICACLS output for HOME root directory:

	HOME NT AUTHORITY\SYSTEM:(OI)(CI)(F)
	DOMAIN\Domain Admins:(OI)(CI)(F)
	DOMAIN\Domain Users:(Rc,S,RD,AD,X,RA)
	CREATOR OWNER:(OI)(CI)(IO)(F)

  • Set proper permissions on users' home folders. The batch file below sets each user as the owner of her/his home directory, then resets permissions so that they are inherited from the HOME root (assuming that home directories are named after user names and that you run the script from within the HOME root):

	@echo off
	rem Make each user (DOMAIN\<folder name>) the owner of the matching folder tree.
	for /d %%d in (*.*) do icacls "%%d" /setowner "DOMAIN\%%d" /t
	rem Replace explicit ACLs with the ones inherited from the HOME root.
	for /d %%d in (*.*) do icacls "%%d" /reset /t
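
Because the reset makes every home folder inherit from the HOME root, it is worth confirming the root ACL before running the batch file. The following is an added example, not part of the original recipe: it parses captured `icacls HOME` output and reports every entry that differs from the permissions listed in the first step. `DOMAIN` and `HOME` are the page's placeholders, and the `DOMAIN\helpdesk` entry in the drifted sample is constructed.

```python
import re

# Expected HOME root ACEs from the recipe: principal -> (inheritance flags, rights).
# DOMAIN is the page's placeholder; replace it with the real domain name.
BASELINE = {
    r"NT AUTHORITY\SYSTEM": ({"OI", "CI"}, {"F"}),
    r"DOMAIN\Domain Admins": ({"OI", "CI"}, {"F"}),
    r"DOMAIN\Domain Users": (set(), {"Rc", "S", "RD", "AD", "X", "RA"}),
    "CREATOR OWNER": ({"OI", "CI", "IO"}, {"F"}),
}
INHERIT_FLAGS = {"OI", "CI", "IO", "NP", "I"}  # everything else is a right
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<groups>(?:\([^)]*\))+)$")

def parse_icacls(text, path):
    """Parse `icacls <path>` output into {principal: [(flags, rights), ...]}."""
    aces = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(path + " "):      # first line is prefixed with the path
            line = line[len(path):].strip()
        m = ACE_RE.match(line)
        if not m:
            continue                         # blank lines and the status footer
        groups = re.findall(r"\(([^)]*)\)", m["groups"])
        flags = {g for g in groups if g in INHERIT_FLAGS}
        rights = {r for g in groups if g not in INHERIT_FLAGS for r in g.split(",")}
        aces.setdefault(m["who"], []).append((flags, rights))
    return aces

def audit_home_root(text, path="HOME"):
    """Return findings; an empty list means the root matches the recipe."""
    found = parse_icacls(text, path)
    findings = [f"missing ACE: {w}" for w in BASELINE if w not in found]
    findings += [f"unexpected ACE: {w}" for w in found if w not in BASELINE]
    findings += [f"ACE differs from recipe: {w}" for w, aces in found.items()
                 if w in BASELINE and aces != [BASELINE[w]]]
    return findings

# The output shown on the page, and a constructed drifted ACL for comparison.
PAGE_OUTPUT = r"""HOME NT AUTHORITY\SYSTEM:(OI)(CI)(F)
DOMAIN\Domain Admins:(OI)(CI)(F)
DOMAIN\Domain Users:(Rc,S,RD,AD,X,RA)
CREATOR OWNER:(OI)(CI)(IO)(F)"""
DRIFTED = (PAGE_OUTPUT.replace("Users:(Rc,S,RD,AD,X,RA)", "Users:(OI)(CI)(RX)")
           + "\n" + r"DOMAIN\helpdesk:(OI)(CI)(M)")

if __name__ == "__main__":
    for sample in (PAGE_OUTPUT, DRIFTED):
        print(audit_home_root(sample))
```

In the drifted sample, the inheritable read entry for Domain Users is the one to watch for: after `/reset`, it would be inherited by every user's home folder.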