icacls

NTFS ACL’s: What is the difference between object and container inhertiance?

by

These flags control the inheritance of ACLs. There are other flags, too– IO and NP. You can see more about them in the article I link below. In short, access control entries (ACEs) flagged only with “Object Inheritance” apply that ACE to files in a folder, but not subfolders within that folder. ACEs flagged only … Read more

How to replace permissions and everything inside with icacls on Windows Server 2012?

by

As mentionned is comments, you also have to use the /inheritance:r switch to remove inherited permissions. /grant:r only removes explicit permissions. icacls c:\temp\test /inheritance:r /grant:r <DOMAIN>\<USER>:(OI)(CI)F /T To also grant SYSTEM : icacls c:\temp\test /inheritance:r /grant:r <DOMAIN>\<USER>:(OI)(CI)F /grant:r SYSTEM:(OI)(CI)F /T