Help with bulk file permissions change between windows versions

Forums › Microsoft Windows › Help with bulk file permissions change between windows versions

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#164280 4-Feb-2015 07:26

I've recently started using W10 alongside W7, file permissions have been a bit of a pain. I would sometimes have to go back into W7 to change permissions so I could take ownership of files in W10 then change permissions there.

Yesterday I took an image of my W7 drive with Macrium Reflect free, tried something that accidentally deleted the W7 partition, then tried to restore it. Unfortunately the image (and another I took at the same time) is corrupt. So I no longer have the option to go back into W7 and change permissions. I could reinstall of course but I'll probably just run with a brand new fresh install of W10.

What I'm after is a way to bulk assign the same owner and permissions to every file on a disk. I know you should in theory just right click the root folder and change it there, but various things come up:
- Recycle bins from the two windows versions seem incompatible so I have to hit "ignore" about 5000 times.
- Some folders deep in the tree seem to have odd permissions and don't want to be changed.

Is there a way to say "set this owner and permissions for every file on this disk without asking me a bunch of questions"?

nathan

5695 posts

Uber Geek
Inactive user

#1230906 4-Feb-2015 07:38

icacls

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#1230909 4-Feb-2015 07:50

So something like this will recursively give USERNAME ownership and full permissions to all files on a drive? Will this work on any computer and any drive to take permissions? Makes NTFS seem pretty insecure...

icacls d:\* /setowner USERNAME /c /t
icacls d:\* /grant USERNAME:F /c /t

nathan

5695 posts

Uber Geek
Inactive user

#1230910 4-Feb-2015 07:57

NTFS is not insecure. you need to have permissions to set permissions

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#1230913 4-Feb-2015 08:10

So if I try to set permissions on files I don't explicitly have access to I won't be able get them with icacls?

What happens in the scenario that permissions are locked down on a data disk to give full permissions to just "john" but no permissions to anyone else, the OS fails and is reinstalled, and you need to give a user on the new OS "fred" ownership and permissions to the files?

I of course have backups but I would rather not have to do that.

nathan

5695 posts

Uber Geek
Inactive user

#1230925 4-Feb-2015 08:32

if ICACLS is failing to take ownership, then you need to take ownership using TAKEOWN

nathan

5695 posts

Uber Geek
Inactive user

#1230926 4-Feb-2015 08:34

and in terms of security, this isn't insecure. You can take ownership as you have local physical access to the disk
If you wanted to stop someone from being able to rip out your disks and put them in another machine, looking into EFS (encrypting file system) or BDE (BitLocker drive encryption)

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#1230930 4-Feb-2015 08:38

I'll try ICACLS this evening, i'll look into TAKEOWN if it doesn't work thanks. Good point about physical access. I do have sensitive data encrypted.

GoodSync

GoodSync. Easily back up and sync your files with GoodSync. Simple and secure file backup and synchronisation software will ensure that your files are never lost (affiliate link).

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#1234404 11-Feb-2015 06:44

Is there an easy way to say "remove all existing permissions, set all files and folders to use inherited permissions"?

JWR

821 posts

Ultimate Geek

#1234428 11-Feb-2015 08:33

timmmay: Is there an easy way to say "remove all existing permissions, set all files and folders to use inherited permissions"?

You mean like... right click -> properties -> security tab -> advanced button?

You can take ownership, add/remove permissions, inheritance etc..

timmmay

20494 posts

Uber Geek

Trusted

Lifetime subscriber

#1234429 11-Feb-2015 08:35

JWR: You mean like... right click -> properties -> security tab -> advanced button?

You can take ownership, add/remove permissions, inheritance etc..

When you do that if there are files way down the tree that have difference permission or ownership it doesn't tend to take. After a bit more reading I'm thinking TAKEOWN then ICACLS /reset should probably do the job.