Thursday, 14 January 2016

Take ownership of folder recursively without losing NTFS permissions

If you are not careful when taking ownership of files you can easily accidentally strip the NTFS permissions of residing files and folders!

The easiest way we can take ownership recursively (and retain existing permissions!) is to  issue the following command:
TAKEOWN /A /R /F D:\FolderName
Although ensure you hit 'No / N' when it asks whether you would like to grant you the permission to access files and folders - otherwise all of the permissions will be overwritten!

In order to add yourself (or the administrators group) permissions to access the folder and files we should issue something like:

psexec -i -s cmd.exe
icacls "D:\RoamingProfiles" /t /c /GRANT "Domain Admins":(OI)(CI)F

F= Full Control
CI= Container Inherit - This flag indicates that subordinate containers will inherit this ACE.
OI= Object Inherit - This flag indicates that subordinate files will inherit the ACE.


Post a Comment