I am working with installer which invokes icacls.exe to set folder permissions using powershell inorder to remove the "users" permission if already allowed & provides permissions for Admin & IIS users. The script is
$folderPermissionList = (Get-Acl "C:\Program Files\Workspace").Access | ?{$_.IdentityReference -match "$BUILTIN\\Users"} | Select IdentityReference,FileSystemRights
If($folderPermissionList.FileSystemRights -match "FullControl")
{
Write-Host "Inside condition"
& icacls.exe "C:\Program Files\Workspace" /Q /T /remove "BUILTIN\Users"
}
Write-Host "outside condition"
& icacls.exe "C:\Program Files\Workspace" /Q /T /grant "BUILTIN\Administrators:`(OI`)`(CI`)`(F`)"
& icacls.exe "C:\Program Files\Workspace" /Q /T /grant "BUILTIN\IIS_IUSRS:`(OI`)`(CI`)`(F`)"
The above script is working on Windows servers but it is not working in Windows 10 OS. Tried with Powershell also there is no response it is hanged in the icacls command.
Powershell version: 5.1.19041.1151 Windows 10 Enterprise [21H1]
Note: executed with elevated permission & it got stuck [refer attached results]
Any idea why it is not executing on Windows 10? or other approach to set the permissions without any issues like this?
I had the same difficulty "dir -Force" was telling "d-r---" on parent dir, "-a-hs-" on unique file in dir. icacls was telling "done" but didn't change anything, "rm" was still refused. get-acl was saying "Full Control"
=> I did "rm -rf" from wsl ubuntu and it worked easy :-)