+ Post New Thread
Results 1 to 7 of 7
Windows Thread, Using CACLS in Technical; Hi Guys I will be using CACLS to assign some permissions to new folders i am creating. Is there any ...
  1. #1
    ceebster's Avatar
    Join Date
    May 2009
    Location
    The World
    Posts
    104
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Using CACLS

    Hi Guys

    I will be using CACLS to assign some permissions to new folders i am creating.

    Is there any was that CACLS can remove what current permissions are on the folder and then only assign new ones i put in my CACLS script?


    Thanks

    Chris

  2. #2

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,809
    Thank Post
    1,298
    Thanked 1,659 Times in 1,112 Posts
    Blog Entries
    22
    Rep Power
    507
    I believe CACLS replaces the current permissions with those you assign. The /e option edits the permissions.

    This article should help

    Edit: actually this one is better.
    Last edited by sparkeh; 13th April 2010 at 11:25 AM.

  3. #3

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Watch out for the fact that CACLS without the /e switch will prompt for every change (because it's making possibly disastrous changes - eg remove system permissions from the Windows directory and Windows might not work as well as it should ...)

    You might want to look at xcacls (How to use Xcacls.exe to modify NTFS permissions) which has a /y switch

  4. #4

    JJonas's Avatar
    Join Date
    Jan 2008
    Location
    North Walsham, Norfolk
    Posts
    3,117
    Thank Post
    389
    Thanked 439 Times in 327 Posts
    Rep Power
    385
    Im trying to change permissions to a program(screen tinter lite) via CACLS. I want to get my students to do it automatically when they log on. I have assigned the relevant CACLS command to a student logon script but it looks as if they are getting an access denied error when it runs. I was under the impression that logon scripts ran with an elevated level of privillages. How should I go about making this permissions change?

  5. #5

    Join Date
    Mar 2010
    Location
    Adelaide
    Posts
    133
    Thank Post
    2
    Thanked 19 Times in 17 Posts
    Rep Power
    13
    I use icacls over cacls.
    icacls <path> /reset /T - clear all permissions other than inheritance
    icacls <path> /inheritance:r - clear inheritance ACEs

  6. #6

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Logon scripts run in the security context of the user so you can't change permissions unless the student already has full control on the folder or can take ownership and then change permissions.

    There are ways in which you can effectively do a "runas" in a login script and then make changes but I think it's easier to put permission changes in a machine startup script (if it's a local set of permissions that need changes) or to run it directly on the server (if it's changes on things like home folders)

  7. #7

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Logon scripts run in the security context of the user so you can't change permissions unless the student already has full control on the folder or can take ownership and then change permissions. (This applies if you're using cacls, xcacls, icacls or any other tool)

    There are ways in which you can effectively do a "runas" in a login script and then make changes but I think it's easier to put permission changes in a machine startup script (if it's a local set of permissions that need changes) or to run it directly on the server (if it's changes on things like home folders)

SHARE:
+ Post New Thread

Similar Threads

  1. CACLS Command - Access Denied
    By rjones in forum Windows Server 2000/2003
    Replies: 5
    Last Post: 24th November 2009, 05:40 PM
  2. cacls
    By lafleur1977 in forum Windows
    Replies: 4
    Last Post: 31st July 2009, 05:47 PM
  3. Replies: 3
    Last Post: 15th February 2008, 12:58 PM
  4. Help with CACLS permission
    By Kyle in forum Windows
    Replies: 2
    Last Post: 6th November 2007, 06:22 PM
  5. CACLS
    By faza in forum Wireless Networks
    Replies: 2
    Last Post: 26th July 2007, 12:06 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •