Cacls
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Displays or modifies discretionary access control lists (DACL) on specified files.
cacls FileName [/t] [/e [/rUser [...]]] [/c] [/gUser:Permission ] [/pUser:Permission [...]] [/dUser [...]]
- FileName
Required. Displays DACLs of specified files.
- /t
Changes DACLs of specified files in the current directory and all subdirectories.
- /e
Edits a DACL instead of replacing it.
- /r User
Revokes access rights for the specified user, is not valid without /e.
- /c
Continues to change DACLs, ignoring errors.
- /g User:Permission
Grants access rights to the specified user. The following table lists valid values for Permission.
<table>
<colgroup>
<col style="width: 50%" />
<col style="width: 50%" />
</colgroup>
<thead>
<tr class="header">
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><strong>n</strong></p></td>
<td><p>None</p></td>
</tr>
<tr class="even">
<td><p><strong>r</strong></p></td>
<td><p>Read</p></td>
</tr>
<tr class="odd">
<td><p><strong>w</strong></p></td>
<td><p>Write</p></td>
</tr>
<tr class="even">
<td><p><strong>c</strong></p></td>
<td><p>Change (Write)</p></td>
</tr>
<tr class="odd">
<td><p><strong>f</strong></p></td>
<td><p>Full Control</p></td>
</tr>
</tbody>
</table>
- /p User : Permission
Replaces access rights for the specified user. The following table lists valid values for Permission.
<table>
<colgroup>
<col style="width: 50%" />
<col style="width: 50%" />
</colgroup>
<thead>
<tr class="header">
<th>Value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><strong>n</strong></p></td>
<td><p>None</p></td>
</tr>
<tr class="even">
<td><p><strong>r</strong></p></td>
<td><p>Read</p></td>
</tr>
<tr class="odd">
<td><p><strong>w</strong></p></td>
<td><p>Write</p></td>
</tr>
<tr class="even">
<td><p><strong>c</strong></p></td>
<td><p>Change (Write)</p></td>
</tr>
<tr class="odd">
<td><p><strong>f</strong></p></td>
<td><p>Full Control</p></td>
</tr>
</tbody>
</table>
- /d User
Denies access for the specified user.
- /?
Displays help at the command prompt.
Use the following table to interpret the results.
Output ACE applies to OI
This folder and files.
CI
This folder and subfolders.
IO
The ACE does not apply to the current file/directory.
No output message
This folder only.
(OI)(CI)
This folder, subfolders, and files.
(OI)(CI)(IO)
Subfolders and files only.
(CI)(IO)
Subfolders only.
(OI)(IO)
Files only.
You can use wildcards (that is, ? and *) to specify multiple files.
You can specify more than one user.
Format | Meaning |
---|---|
Italic |
Information that the user must supply |
Bold |
Elements that the user must type exactly as shown |
Ellipsis (...) |
Parameter that can be repeated several times in a command line |
Between brackets ([]) |
Optional items |
Between braces ({}); choices separated by pipe (|). Example: {even|odd} |
Set of choices from which the user must choose only one |
|
Code or program output |