File Systems
You can use Cacls to display or modify access control lists (ACLs) of files or folders. The syntax of Cacls is:
cacls filename | folder [/t] [/e] [/c] [/g user : right ] [/r user [...]]
[/p user : right [...]] [/d user [...]]
Table 17.12 follows the command syntax and describes the command switches.
Table 17.12 Cacls Switches
Switch |
Description |
---|---|
filename or folder |
Displays ACLs. |
/t |
Changes ACLs of specified files in the current folder and all subfolders. |
/e |
Edits ACL instead of replacing it. |
/c |
Continues on access-denied errors. |
/g user:right |
Grants a specified user account access rights, such as:R (Read)C (Change [write]) F (Full Control) |
/r user |
Revokes a specified user account's access rights (only valid with /e ). |
/p user:right |
Replaces a specified user account's access rights, such as:N (None)R (Read)C (Change [write]) F (Full Control) |
/d user |
Denies access to a specified user account. |
/? |
Displays user help. |
Wildcard characters can be used to specify more than one file in a command. You can also specify more than one user in a command, separating the user account listings with spaces.
If you already have permissions set for multiple users on a folder or file and do not use the /e switch, all existing user permissions are removed and replaced by the user and permissions specified at the command line. Use the following syntax when modifying user permissions to include read, change, and full control:
cacls filename | folder /e /r user
cacls filename | folder /e /g user : right
cacls filename | folder /e /p user : right
The Cacls tool does not provide a /y switch that answers automatically with Y to the Are you sure? Y/N prompt. However, you can use the echo command to pipe the character Y as input to the prompt when you are running Cacls in a batch file. Use the following syntax to automatically answer Y :
echo y|cacls filename | folder /e /g user : right
Important
Do not enter a space between the Y and the pipe symbol ( | ), or Cacls cannot make the permissions change.