Site icon Winhelponline

How to Reset File and Folder Permissions to Default (Inherited ACLs) in Windows

Incorrect permission entries assigned for a user account can prevent programs from accessing the file or folder. Or it may cause unauthorized users to have full access to the objects. In some cases, there may be a reference to obsolete user accounts (or SIDs) in the ACL (permissions list) that you want to clean up.

Have you modified the NTFS permissions for a file or folder wrongly, and want to revert to default (inherited ACLs)?

This article tells you how to replace the file or folder permissions with default inherited permissions quickly using the icacls.exe command-line. The information applies to all versions of Windows, from Windows Vista through Windows 10.

Reset NTFS Permissions for a File or Folder

Using the built-in icacls.exe console tool, you can quickly reset the NTFS permissions for a file or folder. This tool also has a feature where you can reset the permissions for files in a folder and sub-folders, recursively.

Important: Your user account needs full control permissions in order to reset or change the permissions of a file or folder. Lack of permissions would cause the error Failed processing n files when running the reset command. If that happens, make sure you first take ownership and assign full control permissions for your account.

Let’s say you have the following permissions for a folder:

In the above image, you can see that there is a custom (non-inherited) permission entry for the user named BackupUser, for the D:\Docs folder.

Running the icacls.exe d:\docs command-line to view the folder permissions shows this:

OPTIPLEX-9020\BackupUser:(OI)(CI)(M)
BUILTIN\Administrators:(I)(F)
BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
NT AUTHORITY\Authenticated Users:(I)(M)
NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)
BUILTIN\Users:(I)(RX)
BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)

Reset NTFS permissions for a file or folder

Use this command-line (from admin Command Prompt) syntax to reset the permissions for a file or folder.

icacls file_or_folder_name /reset

To reset the Docs folder permissions, I’d run:

icacls d:\docs /reset

To reset an individual file’s permissions, I’d run:

icacls d:\docs\places.docx /reset

To reset permissions for all files in a folder (e.g., D:\Docs), run:

icacls d:\docs\* /reset

Reset NTFS permissions for a folder, its subfolders, and files

To reset the permissions for the Docs folder along with its sub-folder, and all the files recursively, run this command:

icacls d:\docs /reset /t /c

Related command-line arguments:

You’ll see an output like this:

processed file: d:\docs
processed file: d:\docs\Expenses.xlsx
processed file: d:\docs\Places.docx
Successfully processed 3 files; Failed processing 0 files

The permissions for the Docs folder is now reset. This means the additional ACL entries will be gone. Only the inherited entries remain. If you had disabled inheritance earlier, the icacls.exe /reset command-line would restore the inherited permissions back.

Exit mobile version