Solved

icacls to assign permissions to ALL subfolders, even folders not inheriting access?

Posted on 2010-09-09
5
2,850 Views
Last Modified: 2013-12-04
I am using the following command to add a group to the ACL for very large directories. The problem I am having is some of the folders have disabled access inheritance and have explicit access assigned and this group doesn't get added to that folder with the following command.

icacls.exe U:\*.* /grant DOMAIN\GroupName:(OI)(CI)F /C /T

Am I missing a switch or something? Is there a way to force it to add the group to all folders regardless if they are inheriting access? Or is there something else that is preventing the group from being applied to the folder?

Thanks,
0
Comment
Question by:REIUSA
  • 3
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
Ben Personick earned 500 total points
ID: 33636680
you have used the container inherit and object inherit options in place which will allow the inheritance blocking you put in place to over-ride your changes.

you can change the command as follows and you should be fine.

Also note that if you are trying to change inheritance to be enabled you would use

icalcs "U:\*" /inhereitance:e /T /C

icacls "U:\*" /grant:r Domain\Group:f /C /T

Open in new window

0
 

Author Comment

by:REIUSA
ID: 33636997
Thanks, that looks like it is working.

Something else I noticed is, if I try to apply it to c:\F1\F2\* the group doesn't get added to F2. is there a way to make it apply to F2 also? there are many other sub folders under F1 that I do not want to apply the group to, just F2 and everything below it.
0
 
LVL 11

Expert Comment

by:Ben Personick
ID: 33637648
Try doing one of these two variations for the path


“C:\F1\F2“

“C:\F1\F2\“

I think option 1 will work
0
 

Author Comment

by:REIUSA
ID: 33638615
Cool, thanks. I will try that.
0
 
LVL 11

Expert Comment

by:Ben Personick
ID: 33639211
You're welcome glad I could help =)
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now