iCACLS: Backup And Restore NTFS And Share Permissions In Windows

NTFS permissions are set for the sharing of any drives and folders in a network of Windows OS. With these permissions, the user can decide that if he wants to share an entire drive or a single folder over the network. The drives and folders which are formatted into NTFS format can use NTFS permissions.

With the additional functionality that is provided by the NTFS permissions, its configuration is very complex that can lead to administration headaches. While managing your permissions on the top-level directories sometimes goes inaccurate, and this inaccuracy will force the sub-directories to change, which causes issues.

So, to avoid this kind of situation, it is always recommended to backup folder permissions before making any changes to the NTFS or sharing settings. If anything bad happens, you can actually restore the back up to its original configuration without any loss.

iCACLS is a Windows command-line utility to display and modify security descriptors of the NTFS filesystem. With iCACLS command, users have full control over backup, restore and alter the access control lists (ACLs) of the file system objects. The same iCACLS command can be used on Windows Server. There is no iCACLS server required.

Backup and Restore NTFS Permissions via PowerShell console (Using iCACLS)

Backup Folder Permissions

Using iCACLS in PowerShell
Using iCACLS in PowerShell

To get the list of ACLs before changing any NTFS permissions you can run a single command. This command will save all subfolders and files as a plain text. The text file will be saved on your current user folder.
icacls c:data /save ntfs-permissions-folder.txt /t /c

Where “C” is the drive name, “T” is added to get all subfolders and files on that drive, and “C” allows to ignore all the access errors.

If the number of folders and files are too large, then the command will take a long time to complete its execution. At the end of execution, you will get the list of total files which is processed successfully, and the number of files which don’t get success in processing.

Restore Folder Permissions

If you want to restore the lists, execute the following command

Icacls c: /restore ntfs-permissions-folder.txt

Backup and Restore Sharing Permission via Registry Editor

Backup Folder Permissions

To backup share permissions, export the Shares registry key.

  1. Open Regedit to the following location
    HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares
  2. Right-click the Shares registry key and select Export. Give it a file name such as share-permissions-folder.reg.

Restore Folder Permissions

When you want to restore the permissions, double-click share-permissions-folder.reg (This registry will be located at the location, where you have exported) to import it back into the registry.

It is always recommended to make back up of anything you are doing on your system in order to stay away from any danger or risk. Then, you can easily restore it back in the time of need.

Must Read Articles: