If you work with large quantities of files and have probably come across a situation where you had to modify file permissions, you know that the Explorer GUI is not much of a help. To relieve yourself from clicking your fingers to death, you could use XCACLS, which allows you to script file permission settings. XCACLS is also capable of creating listings of applying permissions.
As a first example on how to use XCACLS, I show you how to get a listing of all permissions applying to the folder c:\temp and its subs.
Grab yourself a copy of the XCACLS package from the MS site and go to Start > Run > cmd and cd to the path where you put xcacls.vbs and run the command below:
cscript xcacls.vbs "c:\temp\*"
The output you get, will look similar to this:
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.
Starting XCACLS.VBS (Version: 5.2) Script at x/x/2009 x:xx:xx PM
Startup directory:
"C:\"
Arguments Used:
Filename = "c:\temp\*"
**************************************************************************
File: C:\temp\access.log
Permissions:
Type Username Permissions Inheritance
Allowed BUILTIN\Administrators Full Control This Folder Only
Allowed NT AUTHORITY\SYSTEM Full Control This Folder Only
Allowed DOMAIN\user Full Control This Folder Only
Allowed BUILTIN\Users Read and Execute This Folder Only
No Auditing set
Owner: DOMAIN\user
**************************************************************************
Operation Complete
Elapsed Time: 0.1875 seconds.
Ending Script at x/x/2009 x:xx:xx PM
So far for the displaying of permissions.
As an example for turning on file permission inheritance in a directory tree, simply run:
cscript xcacls.vbs "c:\temp2\*" /I ENABLE /F /T /S
To conclude this post, this is how you specify the owner over a whole dir tree and all subcontents (please take care to invoke the /E parameter to tell XCACLS to only edit the ACL record, otherwise the ACL gets blanked out):
cscript xcacls.vbs "c:\temp2\*" /O username /F /T /S /E
How to use Xcacls.vbs to modify NTFS permissions
http://support.microsoft.com/?scid=kb%3Ben-us%3B825751&x=6&y=13