<div>
Only success I have had is to take ownership for that user then add the required permissions with calc or xcalc or through the GUI and then give ownership back to the original owner. But as you say it can get messy and I have found that sometimes it is simply better to move or copy the data to a new root folder with the appropriate permissions.
</div>


<div>
You could use Powershell for that. Something like this (untested):<br />
<br />

<pre><code class="code-1 nolinks" id="code-20-40434331-1"><span>gci &quot;X:\your\folder&quot; - Recurse| % {</span>
<span>  $acl = get-acl $_.fullname</span>
<span>  $newRule = New-Object System.Security.AccessControl.FileSystemAccessRule(&quot;username&quot;, &quot;FullControl&quot;, &quot;Allow&quot;)</span>
<span>  $acl.AddAccessRule($newRule)</span>
<span>  set-acl $_.fullname $acl</span>
<span>}</span>
</code></pre>
Replace &quot;X:\your\folder&quot; with the actual folder path and &quot;username&quot; with your IT manager's name.<br />
<br />
HTH,<br />
Dan
</div>


<div>
Issue is there are so many profiles etc taking ownership will be messy as there is a lot to break.<br />
<br />
You mentioned a GUI, have tried a few XCACLS gui tools with no success. I think we may need to logon to data server as local admin and run rather than domain admin. Group wont work - will only apply permissions one level down and there is a lot that is not inherited.<br />
<br />
Thanks very much Dan, that seems like the best option although we'd like something with a GUI as we're getting more requests like this from different clients.<br />
<br />
I have attached a screenshot of what were dealing with here<br />
<a href="https://filedb.experts-exchange.com/incoming/2014/11_w46/882390/EEHelp.jpg" target="_blank" class="file-inline" title="EEHelp.jpg (11 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>EEHelp.jpg</a>
</div>


EEHelp.jpg

<div>
You can hire someone to make you a nice frontend for the powershell script. Basically all the GUI tools in Windows 7+ are frontends to powershell scripts.
</div>


<div>
I suggest you write down exactly what you want the end results on each root folder to be as well as the underlying folders. There is no way, either via script or with GUI that you can do what you are asking with &quot;affecting&quot; the folders in question so I suggest we move the focus from what you have now and trying to add a fix to providing us with the required results so we can write a script to go through all the files and folders and give them the permissions you require--this can be done by you providing csv list of folders, users &amp;&nbsp;their required permissions example<br />
c:\users\bob, bob, full control<br />
and so on
</div>


<div>
<div class="content wysiwyg-content">
One of our clients IT Managers would like to have full access to ALL of their company data.<br />
<br />
Within their company data there are 3 directories - Shared Data/Profiles/Users.<br />
<br />
Is there any way to add a blanket full access permission to every file and folder within their data? A lot of these folders don't inherit permissions so its all a bit messy really.<br />
<br />
This is possible for Shared data, but due to ACL within profiles and users we are unable to add this permission.<br />
<br />
We have tried XCACLS with no luck, is there an alternative program that can facilitate this request?
</div>
</div>


One of our clients IT Managers would like to have full access to ALL of their company data.

Within their company data there are 3 directories - Shared Data/Profiles/Users.

Is there any way to add a blanket full access permission to every file and folder within their data? A lot of these folders don't inherit permissions so its all a bit messy really.

This is possible for Shared data, but due to ACL within profiles and users we are unable to add this permission.

We have tried XCACLS with no luck, is there an alternative program that can facilitate this request?

Folder Permissions

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.

Microsoft Legacy OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.