

How do I use Icacls to control the use of inheritance

Question

Wednesday, August 8, 2012 4:08 PM

I have a lot of folders like this:

<DIR>          pia.old
<DIR>          pia.VS
<DIR>          PLY
<DIR>          PML
<DIR>          psl.VS
<DIR>          PTH.VS
<DIR>          rla.VS
<DIR>          saa.VS
<DIR>          sbp.VS
<DIR>          sej
<DIR>          SER.VS

These are actually Windows profiles with security settings like this (not inherited, as you can see):

domain1234\mrb:(F)
NT AUTHORITY\SYSTEM:(F)
BUILTIN\Administrators:(F)
domain1234\mrb:(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
BUILTIN\Administrators:(OI)(CI)(IO)(F)

I would like to give the group VS\VSVSD-S-Reset Profiles modify rights to the root folder only of every profile

Can I do this with the /grant and the /setintegritylevel somehow?

Freddy

All replies (4)

Wednesday, August 8, 2012 5:29 PM ✅Answered

To remove inheritance

icacls ROOT-FOLDER-NAME-PATH /inheritance:d

To add the modify permission to the root folder only

icacls ROOT-FOLDER-NAME-PATH /grant: "user-name":(m)


Thursday, August 9, 2012 3:56 PM ✅Answered

If you use the switch /T in the cmd line I gave earlier it will go down the list of folders adding only this permission.

Remember to remove the colon like Rick mentioned.


Thursday, August 9, 2012 7:03 AM

Hi Freddy,

Thank you for the post.

I agree with hapkido's reply; just remove the colon behind "grant" in the command.

Moreover, you need to install KB943043 to support the inheritance parameter if you use icacls on Windows 2003 server.
http://support.microsoft.com/kb/943043

If there are more inquiries on this issue, please feel free to let us know.

Regards

Rick Tan

TechNet Community Support


Thursday, August 9, 2012 8:20 AM

Hotfixes are never part of the automatic installation of Windows Updates, correct?

You see, I couldn't find it installed.

I think I have been misunderstood

Again, I want to give the same permission to a lot of folders, without inheriting them to their subfolders. Like this:

<ROOTDIR>        Profiles
      <SUBDIR>          pia.old
             <SUBSUBDIR>      xxxx
      <SUBDIR>          pia.VS
             <SUBSUBDIR>      xxxx

How do I give permissions to the folders marked SUBDIR only? I am working on a 2003 server
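
The following cmd batch file is an added example, not code posted by anyone in the thread. It applies the grant to each folder marked SUBDIR and to nothing below it. The path D:\Profiles is an assumption, and the group name is the one given in the question. It uses only /grant, not the /inheritance parameter.

```batch
@echo off
rem Added example, not from the thread.
rem PROFILES_ROOT is an assumed path; GROUP is the group named in the question.
setlocal
set "PROFILES_ROOT=D:\Profiles"
set "GROUP=VS\VSVSD-S-Reset Profiles"

if not exist "%PROFILES_ROOT%\" goto :noroot

rem for /d enumerates only the immediate subdirectories of the root
rem (pia.old, pia.VS, ...), so deeper levels are never visited.
for /d %%D in ("%PROFILES_ROOT%\*") do call :grant "%%~fD"
endlocal
exit /b 0

:grant
rem No (OI)/(CI) flags and no /T: the ACE is placed on this folder only and
rem is not inheritable, so existing subfolders and files keep their ACLs and
rem new children do not pick the entry up.
icacls "%~1" /grant "%GROUP%":(M)
if errorlevel 1 goto :failed
rem Print the resulting ACL for review. The new entry should read
rem GROUP:(M) with no (OI), (CI) or (IO) markers in front of the right.
icacls "%~1"
goto :eof

:failed
echo FAILED: "%~1"
goto :eof

:noroot
echo Profiles root not found: "%PROFILES_ROOT%"
endlocal
exit /b 1
```

/grant adds the entry alongside the existing ones; /grant:r would instead replace any explicit entry the group already has on that folder.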