Server 2012 R2. 在禁用继承时向所有文件夹和子文件夹添加权限

Question

例如：

icacls "<root folder>" /grant "Domain Admins":F /t

将为“域管理员”组添加对“根文件夹”及其内的每个文件夹的完全访问权限。

如果在 Grant 后添加“:r”，那么权限将被替换而不是被添加。

 icacls "<root folder>" /grant:r "Domain Admins":F /t

基本权限包括：

Full Control (F)
Modify (M)
Read & Execute (RX)
List Folder Contents (X,RD,RA,REA,RC)
Read (R)
Write (W)

高级权限包括：

Full Control (F)
Traverse folder / execute file (X)
List folder / read data (RD)
Read attributes (RA)
Read extended attributes (REA)
Create file / write data (WD)
Create folders / append data (AD)
Write attributes (WA)
Write extended attributes (WEA)
Delete subfolders and files (DC)
Delete (D)
Read permissions (RC)
Change permissions (WDAC)
Take ownership (WO)

您还可以指定文件夹的继承：

This folder only
This folder, subfolders and files (OI)(CI)
This folder and subfolders (CI)
This folder and files (OI)
Subfolders and files only (OI)(CI)(NP)(IO)
Subfolders only (CI)(IO)
Files only (OI)(IO)

Answer 1

你可能会使用icacls 实用程序

例如：

icacls "<root folder>" /grant "Domain Admins":F /t

将为“域管理员”组添加对“根文件夹”及其内的每个文件夹的完全访问权限。

如果在 Grant 后添加“:r”，那么权限将被替换而不是被添加。

 icacls "<root folder>" /grant:r "Domain Admins":F /t

基本权限包括：

Full Control (F)
Modify (M)
Read & Execute (RX)
List Folder Contents (X,RD,RA,REA,RC)
Read (R)
Write (W)

高级权限包括：

Full Control (F)
Traverse folder / execute file (X)
List folder / read data (RD)
Read attributes (RA)
Read extended attributes (REA)
Create file / write data (WD)
Create folders / append data (AD)
Write attributes (WA)
Write extended attributes (WEA)
Delete subfolders and files (DC)
Delete (D)
Read permissions (RC)
Change permissions (WDAC)
Take ownership (WO)

您还可以指定文件夹的继承：

This folder only
This folder, subfolders and files (OI)(CI)
This folder and subfolders (CI)
This folder and files (OI)
Subfolders and files only (OI)(CI)(NP)(IO)
Subfolders only (CI)(IO)
Files only (OI)(IO)

Server 2012 R2. 在禁用继承时向所有文件夹和子文件夹添加权限

答案1

相关内容