PowerShell command to enable security permissions inheritance for the %tmp% folder within Windows 10

A certain Windows 10 Pro computer that I support has an issue where the enable security permissions inheritance for the %tmp% folder keeps getting disabled.

The %tmp% folder is located in the default path of C:\Users\[UserName]\AppData\Local\Temp.

What is the power shell command that will re-enable security permissions inheritance for the %tmp% folder within a Windows 10 OS?

I am posting this question over again since the PowerShell commands I had previously received don't work.
IT GuyNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ganesh Kumar ASr Infrastructure SpecialistCommented:
There are series of commands to set the permission and inheritance type, refer the blog for more information. The permission can be inherited from parent folder to all its subfolders and files or provide access permissions.

https://blogs.technet.microsoft.com/heyscriptingguy/2014/11/23/weekend-scripter-manage-ntfs-inheritance-and-use-privileges/

Understand before you use the script and the following link provides script to inherit the permission from the parent folders to its sub folders and files. https://social.technet.microsoft.com/Forums/lync/en-US/53896325-39dd-4748-902c-af41bb296e89/folder-and-file-inheritance-not-working-in-powershell?forum=ITCG
IT GuyNetwork EngineerAuthor Commented:
So then what is the correct syntax of the PowerShell command that will allow the %tmp% folder of C:\Users\[UserName]\AppData\Local\Temp to inherit the permissions of the parent folder C:\Users\[UserName]\AppData\Local\?

I have an issue with several Windows 10 computers where the %tmp% folder sometimes loses its Windows security permissions inheritance settings and I have to go to this folder and reset the permissions to inherit the permissions of the parent folder.

I am looking for a way of simplifying the correcting of this issue by creating a PowerShell script file that I can simply double click on instead of having to go through the entire process and having to click several times to fix this.
Krzysztof KubiakWindows Server AdministratorCommented:
Hi

I was doing some scripts to change Permissions on Files, Folders and shared and found that Powershell just from version 5.0 is start getting to become more easierto manage that as it contianc build in CMDlets, less versions oyu need to play aroun with ACL, WMI or install extram modules. Other words messy.
So I combined the icacls.exe command line tool with Powershell as icacls is on all windows and has all the setting you require to change permissions.

https://ss64.com/nt/icacls.html

Enabling inheritance should work with icacls from cmd like this:

icacls %tmp% /inheritance:e

Powershell will not know what %tmp% is but it will know what $env:TEMP is. So a Example Script which you could use or edit is this

Usig Invoke Command:

[string]$Path = $env:Temp   #The path must be the first thing passed to icacls
$enableInherit = "/inheritance:e"
#run icacls using invoke Expression
Invoke-Expression -Command ('icacls $Path $enableInherit')

using cmd:
[string]$Path = $env:Temp   #The path must be the first thing passed to icacls
$enableInherit = "/inheritance:e"
#run icacls using invoke Expression
cmd /c "icacls $Path $enableInherit"

You mentioned also that you have the issue on multiple PCs. It would also be possible to script something which remotely goes to the machines and check indovidual folder but becasue you would do that remotely then you would need to check each Temp folder under for each users folder.
It would require a bit more time to script but as you ask for a simple script t run it locally then the suggestion with icacls might help you.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SD-WAN: Making It Work for You

As bandwidth requirements and Internet costs grow, businesses naturally want to manage budgets by reducing reliance on their most expensive connection types. Learn more about how to make SD-WAN work for your business in our on-demand webinar!

IT GuyNetwork EngineerAuthor Commented:
I'll be testing this command the next time that there is a need for me to do so and will update this posting then.

This intermittent problem hasn't reoccurred within the last few days.
Krzysztof KubiakWindows Server AdministratorCommented:
Can you close the Question then fi you are happy with answer
IT GuyNetwork EngineerAuthor Commented:
I'm still testing it and will close it as soon as I can.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.