Cacls

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Cacls

Displays or modifies discretionary access control lists (DACL) on specified files.

Syntax

cacls FileName [/t] [/e [/rUser [...]]] [/c] [/gUser:Permission ] [/pUser:Permission [...]] [/dUser [...]]

Parameters
  • FileName
    Required. Displays DACLs of specified files.
  • /t
    Changes DACLs of specified files in the current directory and all subdirectories.
  • /e
    Edits a DACL instead of replacing it.
  • /r User
    Revokes access rights for the specified user, is not valid without /e.
  • /c
    Continues to change DACLs, ignoring errors.
  • /g User:Permission
    Grants access rights to the specified user. The following table lists valid values for Permission.
<table>
<colgroup>
<col style="width: 50%" />
<col style="width: 50%" />
</colgroup>
<thead>
<tr class="header">
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><strong>n</strong></p></td>
<td><p>None</p></td>
</tr>
<tr class="even">
<td><p><strong>r</strong></p></td>
<td><p>Read</p></td>
</tr>
<tr class="odd">
<td><p><strong>w</strong></p></td>
<td><p>Write</p></td>
</tr>
<tr class="even">
<td><p><strong>c</strong></p></td>
<td><p>Change (Write)</p></td>
</tr>
<tr class="odd">
<td><p><strong>f</strong></p></td>
<td><p>Full Control</p></td>
</tr>
</tbody>
</table>
  • /p User : Permission
    Replaces access rights for the specified user. The following table lists valid values for Permission.
<table>
<colgroup>
<col style="width: 50%" />
<col style="width: 50%" />
</colgroup>
<thead>
<tr class="header">
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><strong>n</strong></p></td>
<td><p>None</p></td>
</tr>
<tr class="even">
<td><p><strong>r</strong></p></td>
<td><p>Read</p></td>
</tr>
<tr class="odd">
<td><p><strong>w</strong></p></td>
<td><p>Write</p></td>
</tr>
<tr class="even">
<td><p><strong>c</strong></p></td>
<td><p>Change (Write)</p></td>
</tr>
<tr class="odd">
<td><p><strong>f</strong></p></td>
<td><p>Full Control</p></td>
</tr>
</tbody>
</table>
  • /d User
    Denies access for the specified user.
  • /?
    Displays help at the command prompt.
Remarks

  • Use the following table to interpret the results.

    Output ACE applies to

    OI

    This folder and files.

    CI

    This folder and subfolders.

    IO

    The ACE does not apply to the current file/directory.

    No output message

    This folder only.

    (OI)(CI)

    This folder, subfolders, and files.

    (OI)(CI)(IO)

    Subfolders and files only.

    (CI)(IO)

    Subfolders only.

    (OI)(IO)

    Files only.

  • You can use wildcards (that is, ? and *) to specify multiple files.

  • You can specify more than one user.

Formatting legend

Format Meaning

Italic

Information that the user must supply

Bold

Elements that the user must type exactly as shown

Ellipsis (...)

Parameter that can be repeated several times in a command line

Between brackets ([])

Optional items

Between braces ({}); choices separated by pipe (|). Example: {even|odd}

Set of choices from which the user must choose only one

Courier font

Code or program output

See Also

Concepts

Command-line reference A-Z
Command shell overview