NTFS permissions are set for the sharing of any drives and folders in a network of Windows OS. With these permissions, the user can decide that if he wants to share an entire drive or a single folder over the network. The drives and folders which are formatted into NTFS format can use NTFS permissions.
With the additional functionality that is provided by the NTFS permissions, its configuration is very complex that can lead to administration headaches. While managing your permissions on the top-level directories sometimes goes inaccurate, and this inaccuracy will force the sub-directories to change, which causes issues.
So, to avoid this kind of situation, it is always recommended to backup folder permissions before making any changes to the NTFS or sharing settings. If anything bad happens, you can actually restore the back up to its original configuration without any loss.
iCACLS is a Windows command-line utility to display and modify security descriptors of the NTFS filesystem. With iCACLS command, users have full control over backup, restore and alter the access control lists (ACLs) of the file system objects. The same iCACLS command can be used on Windows Server. There is no iCACLS server required.
Backup and Restore NTFS Permissions via PowerShell console (Using iCACLS)
Backup Folder Permissions
To get the list of ACLs before changing any NTFS permissions you can run a single command. This command will save all subfolders and files as a plain text. The text file will be saved on your current user folder. icacls c:data /save ntfs-permissions-folder.txt /t /c
Where “C" is the drive name, “T" is added to get all subfolders and files on that drive, and “C" allows to ignore all the access errors.
If the number of folders and files are too large, then the command will take a long time to complete its execution. At the end of execution, you will get the list of total files which is processed successfully, and the number of files which don’t get success in processing.