Windows File Permissions don’t apply to existing files

files permissions windows-8.1

We rolled out this new Windows 8.1 machine on the domain recently; other desktops are still using XP. One of the software packages we install is the Oracle Client; it's installed manually on the machine using a domain admin account (i.e. not deployed through GPO or such).

The user of the computer (non admin) needs full access to the folder where the software is installed, C:\oracle\client\[...]. On the XP machines I would log in as an admin on the computer, right click on the root folder C:\oracle, then go to Security, give full access to the [computer_name]\users group, check the Apply to sub-folders setting and click OK.

Here it doesn't work: the user gets full access to all the folders and sub-folders, he can open the folders and create new files anywhere, but the user doesn't have access to the files themselves; he gets Access Denied. However, if I change permissions on one specific file then the user can access it.

I have repeated the operation using [domain]\[username] instead and I even gave ownership of the folders to the user without success. Folders are OK, files don't receive the permission change.

So I have:

  • Full Read / Write / Execute permissions applied to a folder and its subfolders
  • Permissions are applied to the folders but not the existing files
  • Changing permissions on one file works (but there are thousands of files in there)

Am I missing something? I have done this many, many times on XP and 7 machines, so I would think 8.1 is the issue here, but I can't find anything about it.

Thanks!

Best Answer

Sounds like the permission is set to Apply to This folder and subfolders, rather than This folder, subfolders and files.

So you'd change that:


Of course, if the permissions are already set for This folder, subfolders and files, you might just need to force propagation of the permissions to child objects with the Replace all child object permissions with inheritable permissions from this object tickbox.


And, of course, both things can be done with PowerShell, but there's no native parameter for either in the Set-Acl cmdlet, so you'd need your script to apply the permissions recursively. So it might be better to use icacls, which includes a parameter to apply the given permission to all files in the folder and any subfolders.
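A scripted version of the two fixes described in this answer, as an added example that is not part of the original answer: it grants an ACE that applies to "This folder, subfolders and files", then finds children whose ACL blocks inheritance, which is why they would not pick up the change. The `$Root` and `$Group` defaults and the `-Repair` switch are assumptions for illustration; run it elevated.

```powershell
# Added example, not from the original answer. $Root, $Group and -Repair are assumed names.
param(
    [string]$Root  = 'C:\oracle',       # folder from the question
    [string]$Group = 'BUILTIN\Users',   # assumed stand-in for [computer_name]\users
    [switch]$Repair                     # without -Repair the script only reports
)

# ContainerInherit + ObjectInherit with no propagation flags is what the GUI calls
# "This folder, subfolders and files"; ContainerInherit alone would skip files.
$inherit   = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$propagate = [System.Security.AccessControl.PropagationFlags]::None
# FullControl matches the question; 'Modify' is the narrower right if it is sufficient.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList `
    $Group, 'FullControl', $inherit, $propagate, 'Allow'

if ($Repair) {
    # Step 1: put the inheritable ACE on the root folder.
    # icacls equivalent: icacls C:\oracle /grant "BUILTIN\Users:(OI)(CI)F"
    $acl = Get-Acl -LiteralPath $Root
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $Root -AclObject $acl
}

# Step 2: a child with AreAccessRulesProtected = True has inheritance disabled,
# so the ACE from step 1 never reaches it.
Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $childAcl = Get-Acl -LiteralPath $_.FullName
        if (-not $childAcl.AreAccessRulesProtected) { return }

        $action = 'reported only'
        if ($Repair) {
            # Re-enable inheritance on this child; its explicit ACEs are left in place.
            $childAcl.SetAccessRuleProtection($false, $false)
            Set-Acl -LiteralPath $_.FullName -AclObject $childAcl
            $action = 'inheritance re-enabled'
        }
        [pscustomobject]@{
            Path        = $_.FullName
            IsContainer = $_.PSIsContainer
            Action      = $action
        }
    }
```

Run it once without `-Repair` to see which files block inheritance, then again with `-Repair` to apply the change.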