Export (0) Print
Expand All

Xcacls Syntax

Updated: March 28, 2003

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

XcAcls Syntax

XcAcls uses the following syntax:

Art Image xcacls FileName[/t][/e][/x][/c][/gUser:Permissions;Spec][/rUser][/pUser:Permissions;Spec] [...]][/dUser [...]][/y][/?|/h]

Parameters

FileName
Indicates the name of the file or directory to which the access control list (ACL) or access control entry (ACE) is typically applied. All standard wildcard characters can be used.

/t
Recursively walks through the current directory and all of its subdirectories, applying the chosen access rights to the matching files or directories.

/e
Edits the ACL instead of replacing it.

/x
Edits the ACL instead of replacing it; affects only the ACEs that the specified users already own.

/c
Causes XcAcls to continue if an "access denied" error occurs. If /c is omitted, XcAcls stops on this error.

/g User: Permissions; Spec
Grants User access to the matching file or directory. Permissions apply the specified access right to files. Spec can be the same as Permissions and only applies to a directory. In this case, Permissions is used for file inheritance in this directory. Permissions and Spec accept the following values:

 

Value Description

R

Read

C

Change (write)

F

Full Control

P

Change Permissions (special access)

O

Take Ownership (special access)

X

Execute (special access)

E

Read (Special access)

W

Write (Special access)

D

Delete (Special access)

T

Used only by Spec. ACE not specified. Sets an ACE for the directory itself without specifying an ACE that is applied to new files created in that directory. At least one access right must follow. Spec entries that precede T (in other words, those between the semicolon and the T) are ignored. (Special value)

Notes

  • The access options for files (special file and directory access options for directories) are identical. For detailed explanations of these options, see Permissions for files and folders on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=48679) or Share permissions on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=48680).

  • All other options, which can also be set in Windows Explorer, are subsets of all possible combinations of the basic access rights. Therefore, there are no special options for directory access rights, such as LIST or READ.

/r User
Revokes all access rights for the specified user.

/p User: Permissions; Spec
Replaces access rights for User. Permissions applies the specified access right to files. Spec can be the same as Permissions and only applies to a directory. In this case, Permissions is used for file inheritance in this directory. Permissions and Spec accept the following values:

 

Value Description

R

Read

C

Change (write)

F

Full Control

P

Change Permissions (special access)

O

Take Ownership (special access)

X

Execute (special access)

E

Read (special access)

W

Write (special access)

D

Delete (special access)

T

Used only by Spec. ACE not specified. Sets an ACE for the directory itself without specifying an ACE that is applied to new files created in that directory. At least one access right must follow. Spec entries that precede T (in other words, those between the semicolon and the T) are ignored. (Special value.)

Notes

  • The access options for files (special file and directory access options for directories) are identical. For detailed explanations of these options, see Permissions for files and folders on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=48679) or Share permissions on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=48680).

  • All other options, which can also be set in Windows Explorer, are subsets of all possible combinations of the basic access rights. Therefore, there are no special options for directory access rights, such as LIST or READ.

/d User
Denies the specified user access to the file or directory.

/y
Disables the confirmation when replacing user access rights. By default, XcAcls asks for confirmation. Because of this feature, when XcAcls is used in a batch routine, the routine stops responding until the right answer is entered. Use the /y parameter when you use XcAcls in batch mode.

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft