5 min

icacls 5 min

icacls is a command-line utility that can be used to modify NTFS file system permissions in Windows Server 2003 SP2, Windows Server 2008, Windows Vista and Windows 7. It builds on the functionality of similar previous utilities, including cacls, Xcacls.exe, Cacls.exe, and Xcacls.vbs.

With icacls, administrators can view or modify access control lists for files and folders, to help understand and fix inherited permissions. Icacls inheritance options can be used to apply permissions to parent and child objects throughout the file structure.

The resource access level is specified in front of each group or user. The access permissions are indicated using the abbreviations. Consider the permissions for the user CORP\someusername. The following permissions are assigned to this user:
(OI) — object inherit;
(CI) — container inherit;
(M) — modify access.

This means that this user has the right to write and modify file system objects in this directory. These NTFS permissions are inherited to all child objects in this directory.

App pool name = myapp
icacls “C:\inetpub\temp\IIS Temporary Compressed Files\myapp” /grant “IIS APPPOOL\myapp”:(OI)(CI)F /T

iCacls – Modify Access Control List – Windows CMD – SS64.com

Comments Off on icacls 5 min