The following script resets the permissions of a profile or My documents folder to some custom groups and the Folder owner.
Inside the folder where the user accounts folders are stored place SetACL.exe and create a file called Perms.bat
Inside perms.bat put the following
for /D %%i in (*) do (
subinacl /file %%i /grant=SERVER\%%i=C "/grant=SERVER\domain admins=f" /grant=SERVER\staff=c /setowner=SERVER\%%i
subinacl /subdirectories %%i\* /grant=SERVER%%i=f "/grant=SERVERdomain admins=f" /grant=SERVER\staff=c /setowner=SERVER\%%i )
The above script sets all files/folders inside the directory with the following permissions
Server\%%i = if the name of the users folder is Ltaylor it adds this to the security
Server\domain admins = add domain admins full control
Server\staff = add staff full control
/setowner/%%i = set the owner