I am trying to remove a user from all subdirectories in a network share.
I have tried the following command: ICACLS X:\ /remove:g username /T
The command runs without failure (although it takes 3.5 hours due to the size of the shard drive) but after I check the permissions, the user's permissions are not deleted from anywhere.
If I navigate to a specific folder where I know that the user has access and run the command there (for example ICACLS X:\subdirectory /remove:g username /T ), it works just fine.
The issue seems to occur only if I try to run it from the root X:\ in which case, no permissions are deleted.
Any ideas why this might be the case?
P.S. I have F access on the root on the account I'm running the command with
Should do it with
icacls /T
. Unless the user running the command cannot read some directories. But if inheritance is enabled on the folders you probably have Administrators everywhere.A simple PS Script can do it. With some try / catch around
$acl | Set-Acl
this can be used as a dry-mode in a non-privileged session. With a privileged session this will effectively replace the ACL on the directory.