Name

cacls

Synopsis

Displays or modifies access control lists (ACLs) of files and directories on NTFS volumes.

Syntax

cacls filename [/t] [/e] [/c] [/g username:perm] [/r username [...] ] 
[/p username:perm [...] ] [/d username [...] ]

Options

filename [ filename... ]

Displays ACLs of specified file(s)

/t

Recursively applies changes to ACLs of specified files, starting from the current directory and extending to all subdirectories

/e

Merges changes into an ACL instead of overwriting it

/c

Ignores errors during the process of modifying an ACL

/g username : perm

Grants username one of the following permissions:

N

None (new to Windows 2000)

R

Read

C

Change (Write)

F

Full Control

/r username

Revokes all permissions for username

/p username : perm

Replaces one of the following permissions for username :

N

None

R

Read

C

Change (Write)

F

Full Control

/d username

Explicitly denies access to username

Examples

Display the ACL for the directory C:\WINNT :

                     cacls C:\winnt
C:\WINNT NT AUTHORITY\Authenticated Users:R
         NT AUTHORITY\Authenticated Users:
             (OI)(CI)(IO)(special access:)
                  GENERIC_READ
                  GENERIC_EXECUTE
         BUILTIN\Server Operators:C
         BUILTIN\Server Operators:(OI)(CI)(IO)C
         BUILTIN\Administrators:F
         BUILTIN\Administrators:(OI)(CI)(IO)F
         NT AUTHORITY\SYSTEM:F
         NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
         BUILTIN\Administrators:F
         CREATOR OWNER:(OI)(CI)(IO)F
         Everyone:R

Table 7.1 explains the various symbols used in the output of cacls.

Table 7-1. Symbols Used in cacls Command

Symbol

Description

C

Container (directory) ...

Get Windows 2000 Administration in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial