????

Your IP : 216.73.216.152

Current Path : C:/Windows/System32/en-US/
Upload File :
Current File : C:/Windows/System32/en-US/ICacls.exe.mui

MZ����@���	�!�L�!This program cannot be run in DOS mode.

$��<߱�R���R���R�U�����R�U�P���R�Rich��R�PEL�!\

�:1@ LY8.rdata�@@.rsrc` Z@@�+B
T88�+B$��8.rdata8x.rdata$zzzdbg �.rsrc$01� pX.rsrc$02 [�*l]3KPV���8�ʸ�X `��+B��(�@�X�p�����	�	�	�� ���!PT��u\�MUI����.3����fq
! d��W�=�Y�;�%������MUIen-US'-'T)

ICACLS name /save aclfile [/T] [/C] [/L] [/Q]

    stores the DACLs for the files and folders that match the name

    into aclfile for later use with /restore. Note that SACLs,

    owner, or integrity labels are not saved.



ICACLS directory [/substitute SidOld SidNew [...]] /restore aclfile

                 [/C] [/L] [/Q]

    applies the stored DACLs to files in directory.



ICACLS name /setowner user [/T] [/C] [/L] [/Q]

    changes the owner of all matching names. This option does not

    force a change of ownership; use the takeown.exe utility for

    that purpose.



ICACLS name /findsid Sid [/T] [/C] [/L] [/Q]

    finds all matching names that contain an ACL

    explicitly mentioning Sid.



ICACLS name /verify [/T] [/C] [/L] [/Q]

    finds all files whose ACL is not in canonical form or whose

    lengths are inconsistent with ACE counts.



ICACLS name /reset [/T] [/C] [/L] [/Q]

    replaces ACLs with default inherited ACLs for all matching files.



ICACLS name [/grant[:r] Sid:perm[...]]

       [/deny Sid:perm [...]]

       [/remove[:g|:d]] Sid[...]] [/T] [/C] [/L] [/Q]

       [/setintegritylevel Level:policy[...]]



    /grant[:r] Sid:perm grants the specified user access rights. With :r,

        the permissions replace any previously granted explicit permissions.

        Without :r, the permissions are added to any previously granted

        explicit permissions.



    /deny Sid:perm explicitly denies the specified user access rights.

        An explicit deny ACE is added for the stated permissions and

        the same permissions in any explicit grant are removed.



    /remove[:[g|d]] Sid removes all occurrences of Sid in the ACL. With

        :g, it removes all occurrences of granted rights to that Sid. With

        :d, it removes all occurrences of denied rights to that Sid.



    /setintegritylevel [(CI)(OI)]Level explicitly adds an integrity

        ACE to all matching files.  The level is to be specified as one

        of:

            L[ow]

            M[edium]

            H[igh]

        Inheritance options for the integrity ACE may precede the level

        and are applied only to directories.



    /inheritance:e|d|r

        e - enables inheritance

        d - disables inheritance and copy the ACEs

        r - remove all inherited ACEs





Note:

    Sids may be in either numerical or friendly name form. If a numerical

    form is given, affix a * to the start of the SID.



    /T indicates that this operation is performed on all matching

        files/directories below the directories specified in the name.



    /C indicates that this operation will continue on all file errors.

        Error messages will still be displayed.



    /L indicates that this operation is performed on a symbolic link

       itself versus its target.



    /Q indicates that icacls should suppress success messages.



    ICACLS preserves the canonical ordering of ACE entries:

            Explicit denials

            Explicit grants

            Inherited denials

            Inherited grants



    perm is a permission mask and can be specified in one of two forms:

        a sequence of simple rights:

                N - no access

                F - full access

                M - modify access

                RX - read and execute access

                R - read-only access

                W - write-only access

                D - delete access

        a comma-separated list in parentheses of specific rights:

                DE - delete

                RC - read control

                WDAC - write DAC

                WO - write owner

                S - synchronize

                AS - access system security

                MA - maximum allowed

                GR - generic read

                GW - generic write

                GE - generic execute

                GA - generic all

                RD - read data/list directory

                WD - write data/add file

                AD - append data/add subdirectory

                REA - read extended attributes

                WEA - write extended attributes

                X - execute/traverse

                DC - delete child

                RA - read attributes

                WA - write attributes

        inheritance rights may precede either form and are applied

        only to directories:

                (OI) - object inherit

                (CI) - container inherit

                (IO) - inherit only

                (NP) - don't propagate inherit

                (I) - permission inherited from parent container



Examples:



        icacls c:\windows\* /save AclFile /T

        - Will save the ACLs for all files under c:\windows

          and its subdirectories to AclFile.



        icacls c:\windows\ /restore AclFile

        - Will restore the Acls for every file within

          AclFile that exists in c:\windows and its subdirectories.



        icacls file /grant Administrator:(D,WDAC)

        - Will grant the user Administrator Delete and Write DAC

          permissions to file.



        icacls file /grant *S-1-1-0:(D,WDAC)

        - Will grant the user defined by sid S-1-1-0 Delete and

          Write DAC permissions to file.

$

ICACLS name /save aclfile [/T] [/C]

    stores the DACLs for the files and folders that match the name

    into aclfile for later use with /restore. Note that SACLs,

    owner, or integrity labels are not saved.



ICACLS directory [/substitute SidOld SidNew [...]] /restore aclfile [/C]

    applies the stored DACLs to files in directory.



ICACLS name /setowner user [/T] [/C]

    changes the owner of all matching names. This option does not

    force a change of ownership; use the takeown.exe utility for

    that purpose.



ICACLS name /findsid Sid [/T] [/C]

    finds all matching names that contain an ACL

    explicitly mentioning Sid.



ICACLS name /verify [/T] [/C]

    finds all files whose ACL is not in canonical form or whose

    lengths are inconsistent with ACE counts.



ICACLS name /reset [/T] [/C]

    replaces ACLs with default inherited ACLs for all matching files.



ICACLS name [/grant[:r] Sid:perm[...]]

       [/deny Sid:perm [...]]

       [/remove[:g|:d]] Sid[...]] [/T] [/C]



    /grant[:r] Sid:perm grants the specified user access rights. With :r,

        the permissions replace any previously granted explicit permissions.

        Without :r, the permissions are added to any previously granted

        explicit permissions.



    /deny Sid:perm explicitly denies the specified user access rights.

        An explicit deny ACE is added for the stated permissions and

        the same permissions in any explicit grant are removed.



    /remove[:[g|d]] Sid removes all occurrences of Sid in the ACL. With

        :g, it removes all occurrences of granted rights to that Sid. With

        :d, it removes all occurrences of denied rights to that Sid.



    /inheritance:e|d|r

        e - enables inheritance

        d - disables inheritance and copy the ACEs

        r - remove all inherited ACEs







Note:

    Sids may be in either numerical or friendly name form. If a numerical

    form is given, affix a * to the start of the SID.



    /T indicates that this operation is performed on all matching

        files/directories below the directories specified in the name.



    /C indicates that this operation will continue on all file errors.

        Error messages will still be displayed.



    ICACLS preserves the canonical ordering of ACE entries:

            Explicit denials

            Explicit grants

            Inherited denials

            Inherited grants



    perm is a permission mask and can be specified in one of two forms:

        a sequence of simple rights:

                N - no access

                F - full access

                M - modify access

                RX - read and execute access

                R - read-only access

                D - delete access

        a comma-separated list in parenthesis of specific rights:

                DE - delete

                RC - read control

                WDAC - write DAC

                WO - write owner

                S - synchronize

                AS - access system security

                MA - maximum allowed

                GR - generic read

                GW - generic write

                GE - generic execute

                GA - generic all

                RD - read data/list directory

                WD - write data/add file

                AD - append data/add subdirectory

                REA - read extended attributes

                WEA - write extended attributes

                X - execute/traverse

                DC - delete child

                RA - read attributes

                WA - write attributes

        inheritance rights may precede either form and are applied

        only to directories:

                (OI) - object inherit

                (CI) - container inherit

                (IO) - inherit only

                (NP) - don't propagate inherit

                (I) - permission inherited from parent container



Examples:



        icacls c:\windows\* /save AclFile /T

        - Will save the ACLs for all files under c:\windows

          and its subdirectories to AclFile.



        icacls c:\windows\ /restore AclFile

        - Will restore the Acls for every file within

          AclFile that exists in c:\windows and its subdirectories.



        icacls file /grant Administrator:(D,WDAC)

        - Will grant the user Administrator Delete and Write DAC

          permissions to file.



        icacls file /grant *S-1-1-0:(D,WDAC)

        - Will grant the user defined by sid S-1-1-0 Delete and

          Write DAC permissions to file.

8Invalid parameter "%1"

(ACCESS_DENIED%0

0processed file: %1

8<User name not found>%0

(OI)%0

(CI)%0

(NP)%0

(IO)%0

(DENY)%0

,(special access:)

4sharing violation:%0

<Set ownership failed

%0

,Access denied: %0

x No permissions are set. All users have full control.%0

X%1: Ace entries not in canonical order.

D%1: Acl length is incorrect.

DAcls were successfully saved.

@Acls successfully restored.

(SID Found: %1.

`No errors were found while verifying ACLs.

TThe Acls were successfully modified.

LThe ACLs were successfully reset.

HThe owner was successfully set.

XNo files with a matching SID was found

�Successfully processed %1 files; Failed processing %2 files

�This operation is not allowed as it would create an un-usable ACL.

pFirst parameter must be a file name pattern or "/?"

\4VS_VERSION_INFO��
|O
|O?�StringFileInfo�040904B0LCompanyNameMicrosoft Corporation(FileDescriptionh$FileVersion10.0.20348.1 (WinBuild.160101.0800).InternalNameicacls�.LegalCopyright� Microsoft Corporation. All rights reserved.FOriginalFilenameiCACLS.EXE.MUIj%ProductNameMicrosoft� Windows� Operating System>
ProductVersion10.0.20348.1DVarFileInfo$Translation	�PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD