This blog is intended to document how-to’s, fixes, work-arounds, and the various gotchas that are the meat and potatoes of the IT field.

4 thoughts on “About

  1. Hi
    We have to periodically archive a leavers Windows folders including Desktop and Profile I have been using a script which has at its core:
    takeown /f $b /R /d y | out-null
    “Ownership of $b taken”
    icacls $b /grant mydomain\myname:F /t | out-null
    “Permissions taken on $b”
    But quite often it fails as ownership isnt propogated to child folders and permissions arent propogated either. It is possible that the takeown doesn’t have enough time to complete; thats why i added out null; but I am still having problems. Any suggestions?
    Is there a ‘pure’powershell method I could use?
    I am running Win 7 and files are on a win server 2008 R2

    1. I haven’t used takeown extensively since it only allows you to assign ownership to yourself and I haven’t had a need to do that much. It may be that inheritance is blocked at a lower level.
      Below is a chunk of a script I’ve used to recursively assign ownership using powershell. It is slow, but it seems to work.

      $ID = new-object System.Security.Principal.NTAccount(“domainname“, “username“)
      get-childitem -Literalpath $path -force -recurse | foreach {
      $objChild = $_
      $longPath = $_.FullName
      write-progress -activity “Set File Owner” -status “Processing $longPath with user $ID”
      $acl = $objChild.GetAccessControl()
      if ($acl) {

  2. Hi
    Thanks for reply. Is there a way to use powershell to grant full permissions to a folder recursively instead of using Icacls?

  3. The quickest way to would be to add your current iacls command into the above script. Either once at the beging of the scripts for the root folder, or remove the /t and place in the final “if” statement after the $objChild.SetAccessControl($acl). Then it would be applied to each and every file.

    I’ve also used the 3rd part utility fileacl which seems to be faster than icacls, but does require installing. (http://www.gbordier.com/gbtools/fileacl.asp)

    It is possible do this with powershell, though it is a bit more complicated. Rather than type what is written elsewhere I recommend looking at http://chrisfederico.wordpress.com/2008/02/01/setting-acl-on-a-file-or-directory-in-powershell/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.