I am embarrased that I have to ask this, but as the syntax of icacls apparently has changed in powershell, I seem to be unable to assemble a working command.
What I am trying to do:
I want to remove all permissions from a specific folder and then add the "Current logged on user" and "SYSTEM" to have Full Control. But not Admins or anything else.
What I have:
icacls $MyFolder /inheritance:r /grant: $Domain\Env:Username:(OI)(CI)F /T /grant: SYSTEM:(OI)(CI)F /T
But everytime when I execute the command I get an error
(OI)(CI) /T has not been recognized as a cmdlet or command...
I have read some tricks on the internet to use different kind of quotes or backticks for the parameters, but nothing worked for me.
Can anyone please tell my what I am doing wrong here?
As you've hinted at, the issue here isn't that the syntax is icacls has changed in PowerShell but rather that PowerShell can act strangely when executing an external command (executable) that takes arguments.
There's several ways to handle arguments, one of which is to pass them as an array of strings:
$IcaclsArgs = @(
$MyFolder,
"/inheritance:r",
"/grant",
"$Domain\$($Env:Username):(OI)(CI)F",
"/T",
"/grant",
"SYSTEM:(OI)(CI)F",
"/T"
)
& icacls @IcaclsArgs