Windows – batch script that grants admin rights and goes through all files and folders

batch fileicaclswindows

I have this, pretty sure its a little harsh but does the job, gives me all the rights to the files and folders on a drive when run on a drive, now I need help getting it to go into sub directories, so I dont need to copy the bat script inside every folder and have to run it.

takeown /f *
icacls * /grant Administrator:F
icacls * /grant Administrators:F
icacls * /grant SYSTEM:F
icacls * /grant "Authenticated Users":F

How would I get it to traverse the drive recursively?

Best Answer

Short Answer: add /t to (i)cacls

Long answer:

Here is my script I use when I want the file to be accessible to any user. It includes comments on what each flag does. Just put this in a batch file somewhere in the %AppData% folder.

REM --v2 -----------------------------------------------------------
takeown /r /d y /f %1
icacls %1 /t /grant Everyone:F

REM takeown /r /d y /f will set the owner to the Administrators group recursively.
REM /t makes it recursive
REM /grant Sets the permision to the following user, replaces existing permissions for the specified uesr.
REM :f Grants full controll permission.
REM ----------------------------------------------------------------

REM --v1 -----------------------------------------------------------
REM cacls %1 /t /e /g Everyone:f

REM /t makes it recursive
REM /e Edits the ACL instead of replaceing it
REM /g Grants permissions to the following users
REM :f Grants full controll permission.
REM ----------------------------------------------------------------

Then in %AppData%\Microsoft\Windows\SendTo create a shortcut to the batch script.

Edit the properties of that shortcut and go to Advanced... and check the box Run as Administrator.

enter image description here

Now in your right click menu -> Send To you will have a item called Fix Permissions any file or folder you do a Send To on will have the Everyone group given Full Access permissions. If you perform it on a folder it will recursively go through it and apply the permissions to all of the children in the folder.

I save the batch file the %AppData% folder because I am on a domain and that makes it part of my roaming profile so it will be on and ready to use on any computer I connect to.

Related Solutions

Windows – Delete specified files and log all output in CMD

From: https://stackoverflow.com/questions/1420965/redirect-stdout-and-stderr-to-a-single-file

You can redirect both the standard output (stdout) as well as the standard error (stderr) to the same log file.

Such as

dir > a.txt 2>&1

Windows – Can’t unset ‘Read-only (Only applies to files in folder)’ in windows 7

You really can't unset Read-only attribute on any folder in Explorer: Explorer always shows Read-only attribute in indeterminate state (starting from Windows 7, if I remember correctly). Yet attrib will tell you whether Read-only attribute is set or not.

Read-only attribute on a folder does not affect whether a user can modify its contents or not. However, Read-only attribute is a special attribute for Explorer. If Read-only attribute is set, Explorer will search for desktop.ini inside the folder and loads it. For example, this way Documents, Pictures and other folder are localized in your user profile.

If the folder is writable using Explorer or Command Prompt, then you have access to write to that folder.

Can't any Java application write to the specified folder?
Is it only one Java app that can't?

So the problem is somewhere in the Java app.

For example, Java Web Start (JWS) apps can be executed in a sandbox which blocks the app from accessing arbitrary files and folders on the file system.

Without more details about the application, it's hard to guess why it can't write to this folder.

Best Answer

Related Solutions

Windows – Delete specified files and log all output in CMD

Windows – Can’t unset ‘Read-only (Only applies to files in folder)’ in windows 7

Related Question