Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Script/Batch changing file permissions?

Status
Not open for further replies.
humbletech99

humbletech99

Programmer
Nov 22, 2005
155
GB
I need to script/batch a way of changing file permissions on a whole directory tree. Any ideas on how to do this?
 
Sort by date Sort by votes
Well ussing the Attrib command used work.

Attrib said:
Displays or changes file attributes.

ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [drive:][path][filename]
[/S [/D]]

+ Sets an attribute.
- Clears an attribute.
R Read-only file attribute.
A Archive file attribute.
S System file attribute.
H Hidden file attribute.
[drive:][path][filename]
Specifies a file or files for attrib to process.
/S Processes matching files in the current folder
and all subfolders.
/D Processes folders as well.
Click to expand...

----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.
 
Upvote 0 Downvote
I had already considered atrib but I'm talking about NT Security ACLs, not the kind of metadata the attrib allows you to change.
 
Upvote 0 Downvote
In that case i believwe what you want is calcs.

CALCS said:
Displays or modifies access control lists (ACLs) of files

CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]]
[/P user:perm [...]] [/D user [...]]
filename Displays ACLs.
/T Changes ACLs of specified files in
the current directory and all subdirectories.
/E Edit ACL instead of replacing it.
/C Continue on access denied errors.
/G user:perm Grant specified user access rights.
Perm can be: R Read
W Write
C Change (write)
F Full control
/R user Revoke specified user's access rights (only valid w
/P user:perm Replace specified user's access rights.
Perm can be: N None
R Read
W Write
C Change (write)
F Full control
/D user Deny specified user access.
Wildcards can be used to specify more that one file in a command.
You can specify more than one user in a command.

Abbreviations:
CI - Container Inherit.
The ACE will be inherited by directories.
OI - Object Inherit.
The ACE will be inherited by files.
IO - Inherit Only.
The ACE does not apply to the current file/directory.
Click to expand...

----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.
 
Upvote 0 Downvote
Download subinacl.exe:

Place it in \Windows\System32

SUBINACL /SUBDIRECTORIES file_mask action=User or Group=PERMISSION

/SUBDIRECTORIES file_mask
---------------
manipulate files in specified directory and all subdirectories
- c:\temp\*.obj : work with all obj files
- c:\temp\test : work with all test files below the c:\temp directory
- c:\temp\test\*.* : work with all files below temp\test
- c:\temp\test\ : work with all files below temp\test
/subdirectories=directoriesonly will apply parameters on directories only
/subdirectories=filesonly will apply parameters on files only
Click to expand...

/ACTION:
/display[=dacl|sacl|owner|primarygroup|sdsize|sddl] (default)
/setowner=owner
/replace=[DomainName\]OldAccount=[DomainName\]New_Account
/accountmigration=[DomainName\]OldAccount=[DomainName\]New_Account
/changedomain=OldDomainName=NewDomainName[=MappingFile[=Both]]
/migratetodomain=SourceDomain=DestDomain=[MappingFile[=Both]]
/findsid=[DomainName\]Account[=stop|continue]
/suppresssid=[DomainName\]Account
/confirm
/ifchangecontinue
/cleandeletedsidsfrom=DomainName[=dacl|sacl|owner|primarygroup|all]
/testmode
/accesscheck=[DomainName\]Username
/setprimarygroup=[DomainName\]Group
/grant=[DomainName\]Username[=Access]
/deny=[DomainName\]Username[=Access]
/sgrant=[DomainName\]Username[=Access]
/sdeny=[DomainName\]Username[=Access]
/revoke=[DomainName\]Username
/perm
/audit
/compactsecuritydescriptor
/pathexclude=pattern
/objectexclude=pattern
/sddl=sddl_string
Click to expand...
PERMISSION
F : Full Control
C : Change
R : Read
P : Change Permissions
O : Take Ownership
X : eXecute
E : Read eXecute
W : Write
D : Delete
Click to expand...

Example:

subinacl /subdirectories %systemdrive% /grant=administrators=f /grant=system=f

This would give full permissions to the drive where XP is installed to the Group Administrators and the User SYSTEM




____________________________
Users Helping Users
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dik
  • Locked
  • Question
Deleting a file 1
Replies
13
Views
620
dik
dik
DrB0b
  • Locked
  • Question
Batch rename files with part of original file name 4
Replies
10
Views
520
Andrzejek
Andrzejek
pjw001
  • Locked
  • Question
Windows 11 File Explorer Preview Pane for PDF files
Replies
2
Views
527
pjw001
pjw001
spamjim
  • Locked
  • Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
555
spamjim
spamjim
Keyboy
  • Locked
  • Question
Batch file to unmute speakers
Replies
3
Views
492
Keyboy
Keyboy

Part and Inventory Search

Sponsor

Back
Top