DriveSpace and FilePermissions: Difference between pages

From Piszczynski
(Difference between pages)
VisualWikitext
piszczynski>Aleks
No edit summary
 
m (2 revisions imported)
 
Line 1: Line 1:


== Disk Extension ==
== File Permissions iCACLS Copy Export Modify ==


Use partition manager or disk part to extend volumes.  
File permissions can be managed in CMD with the iCACLS tool.


If drive space in partition manager and file explorer do not match after volume extension use the following diskpart command:
Get file/folder permissions:
*Diskpart
*icacls <path>
**list volume
Grant Modify Permission:
***select volume <volume number>
*icacls <path> /grant <user>:M
****extend filesystem


== Drive Space Cleanup Windows ==
Details of permissions:
<pre>
iCACLS inheritance settings:


Check temp folders
(OI)  —  object inherit;
(CI)  —  container inherit;
(IO)  —  inherit only;
(NP)  —  don’t propagate inherit;
(I)  — permission inherited from the parent container.


Check if windows update needs to be running and delete software distribution if not
List of basic access permissions:


Check for not required windows SxS components using DISM.exe in Powershell:
D  —  delete access;
*Dism.exe /online /Cleanup-Image /StartComponentCleanup
F  —  full access;
N  —  no access;
M  —  modify access;
RX  —  read and execute access;
R  —  read-only access;
W  —  write-only access.
</pre>
Save and copy permissions to file to apply to other files:
*icacls <path> /save <pathtosavepermissions> /t


Check for log files and delete any not required
Restore or copy saved permissions from file:
*icals <path> /restore <pathtosavedpermissions>




== Disk Info ==
== File Permissions Powershell Get-Acl Set-Acl ==
Find out info about disks - use "system information" - msinfo32


This will give you the Bytes/sector as well as other info
Permissions can be managed with Powershell get-acl cmdlet
*Get-Acl <path>
 
Copy permissions from one file to another:
*$acl = Get-Acl -path <pathtocopypermisssionsfrom>
**$acl | Set-Acl -path <pathtocopypermissionsto>
 
If you need to add permissions but dont have permissions to copy from you can create an object containing the permissions:
*New-Object Security.AccessControl.FileSystemAccessRule('IdentityReference\String','FileSystemRights','InheritanceFlags, PropagationFlags','AccessControlType')
 
Details on the options:
*IdentityReference\String — user or group name (use the following principal format: domain\user)
*FileSystemRights — permission (for example, Read , Write , etc.)
*InheritanceFlags and PropagationFlags – these flags determine permission inheritance settings from the parent folder (more details about ACL propagation are described in the Microsoft documentation https://docs.microsoft.com/en-us/previous-versions/ms229747(v=vs.110)?redirectedfrom=MSDN)
*AccessControlType — allow or deny access to an object (Allow/Deny)
 
Example:
<pre>
# get current NTFS permissions
 
$current_acl = Get-ACL -Path "C:\Docs"
 
# create an object with new NTFS permissions
 
$new_acl = New-Object System.Security.AccessControl.FileSystemAccessRule('domiain\user', 'Read', 'ContainerInherit, ObjectInherit', 'None', 'Allow')
 
# add new permissions to the current ACL
 
$current_acl.AddAccessRule($new_acl)
 
# Apply an ACL to a folder
 
Set-ACL -Path "C:\Docs" -ACLObject $current_acl
</pre>

Latest revision as of 22:32, 15 November 2023

File Permissions iCACLS Copy Export Modify

File permissions can be managed in CMD with the iCACLS tool.

Get file/folder permissions:

  • icacls <path>

Grant Modify Permission:

  • icacls <path> /grant <user>:M

Details of permissions: 

iCACLS inheritance settings:

(OI)  —  object inherit;
(CI)  —  container inherit;
(IO)  —  inherit only;
(NP)  —  don’t propagate inherit;
(I)  — permission inherited from the parent container.

List of basic access permissions:

D  —  delete access;
F  —  full access;
N  —  no access;
M  —  modify access;
RX  —  read and execute access;
R  —  read-only access;
W  —  write-only access.

Save and copy permissions to file to apply to other files:

  • icacls <path> /save <pathtosavepermissions> /t

Restore or copy saved permissions from file:

  • icals <path> /restore <pathtosavedpermissions>


File Permissions Powershell Get-Acl Set-Acl

Permissions can be managed with Powershell get-acl cmdlet

  • Get-Acl <path>

Copy permissions from one file to another:

  • $acl = Get-Acl -path <pathtocopypermisssionsfrom>
    • $acl | Set-Acl -path <pathtocopypermissionsto>

If you need to add permissions but dont have permissions to copy from you can create an object containing the permissions:

  • New-Object Security.AccessControl.FileSystemAccessRule('IdentityReference\String','FileSystemRights','InheritanceFlags, PropagationFlags','AccessControlType')

Details on the options:

  • IdentityReference\String — user or group name (use the following principal format: domain\user)
  • FileSystemRights — permission (for example, Read , Write , etc.)
  • InheritanceFlags and PropagationFlags – these flags determine permission inheritance settings from the parent folder (more details about ACL propagation are described in the Microsoft documentation https://docs.microsoft.com/en-us/previous-versions/ms229747(v=vs.110)?redirectedfrom=MSDN)
  • AccessControlType — allow or deny access to an object (Allow/Deny)

Example: 

# get current NTFS permissions

$current_acl = Get-ACL -Path "C:\Docs"

# create an object with new NTFS permissions

$new_acl = New-Object System.Security.AccessControl.FileSystemAccessRule('domiain\user', 'Read', 'ContainerInherit, ObjectInherit', 'None', 'Allow')

# add new permissions to the current ACL

$current_acl.AddAccessRule($new_acl)

# Apply an ACL to a folder

Set-ACL -Path "C:\Docs" -ACLObject $current_acl
Retrieved from ‘http://piszczynski.com/index.php?title=DriveSpace&oldid=379
Last modified
This page was last modified on 15 November 2023, at 22:32.