
Restoring security descriptors from a backup with Icacls command


Intro

I completely screwed up. Recently, due to some mishandling, I reset the security descriptors on a file share…

Thank goodness, it's fairly easy to restore security descriptors with the Icacls command and a full backup.

Personally, I restored the security descriptors from a Windows snapshot (with the very good dosdev utility: http://www.ltr-data.se/), but you can do it from a standard backup.

If, like me, you want to use a Windows snapshot, first mount the backup as a drive letter, save the security descriptors in a file with Icacls, then restore the security descriptors.


Mounting a VSS snapshot

Here we'll look at how to mount a snapshot as an H: drive.

  • Open a PowerShell console with administrator rights.
  • List snapshots for drive D:
PS C:\> vssadmin list shadows /for=D:
  • Identify the snapshot you wish to mount in the vssadmin output.
  • Map the shadow copy to drive letter H: with dosdev:
PS C:\> .\dosdev.exe H: \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3

Restore security descriptors

  • Go to H: and save the ACLs of each folder with the icacls command (one save file per folder):
PS C:\> H:
PS H:\> cd .\Share\
PS H:\Share> icacls 01-Admin /save c:\BACKUPACL_01-Admin /T /C
PS H:\Share> icacls 02-Softwares /save c:\BACKUPACL_02-Softwares /T /C
PS H:\Share> icacls 03-Temp /save c:\BACKUPACL_03-Temp /T /C
  • Restore the ACLs of each folder with the icacls command, from the same directory level on the live share and using the files saved in the previous step:
PS H:\Share> cd D:\Share
PS D:\Share> icacls .\ /restore c:\BACKUPACL_01-Admin /T /C
PS D:\Share> icacls .\ /restore c:\BACKUPACL_02-Softwares /T /C
PS D:\Share> icacls .\ /restore c:\BACKUPACL_03-Temp /T /C
  • Unmount the H: drive:
PS D:\Share> C:\dosdev.exe H: /D
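
The save and restore steps above, looped over every top-level folder of the share and followed by a check that the live DACLs now match the snapshot; run it while H: is still mounted. This is an added example, not part of the original post: H:\Share and D:\Share come from the post, C:\AclBackup is an assumed output folder.

```powershell
# Added example. Layout taken from the post: snapshot on H:, live share on D:.
$SnapRoot = 'H:\Share'
$LiveRoot = 'D:\Share'
$OutDir   = 'C:\AclBackup'   # assumed folder for the icacls save files

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

foreach ($dir in Get-ChildItem -LiteralPath $SnapRoot -Directory) {
    $aclFile = Join-Path $OutDir ("BACKUPACL_" + $dir.Name)
    Remove-Item -LiteralPath $aclFile -ErrorAction SilentlyContinue   # never reuse a stale file

    # icacls stores paths relative to the current directory, so save from the
    # snapshot root and restore from the matching live root.
    Push-Location -LiteralPath $SnapRoot
    try { icacls $dir.Name /save $aclFile /T /C } finally { Pop-Location }

    # Skip the restore if the save produced nothing usable.
    if (-not (Test-Path -LiteralPath $aclFile) -or (Get-Item -LiteralPath $aclFile).Length -eq 0) {
        Write-Warning "No ACLs saved for $($dir.Name); restore skipped"
        continue
    }

    Push-Location -LiteralPath $LiveRoot
    try { icacls . /restore $aclFile /C } finally { Pop-Location }
}

# Verification: compare the DACL (SDDL form) of each snapshot item with its live counterpart.
$mismatch = foreach ($item in Get-ChildItem -LiteralPath $SnapRoot -Recurse -Force) {
    $relative = $item.FullName.Substring($SnapRoot.Length).TrimStart('\')
    $livePath = Join-Path $LiveRoot $relative
    if (-not (Test-Path -LiteralPath $livePath)) { continue }   # removed since the snapshot

    $snapDacl = (Get-Acl -LiteralPath $item.FullName).GetSecurityDescriptorSddlForm('Access')
    $liveDacl = (Get-Acl -LiteralPath $livePath).GetSecurityDescriptorSddlForm('Access')
    if ($snapDacl -ne $liveDacl) {
        [pscustomobject]@{ Path = $livePath; Snapshot = $snapDacl; Live = $liveDacl }
    }
}

if ($mismatch) { $mismatch | Format-List }
else { 'All DACLs on the live share match the snapshot.' }
```

Only the DACL is compared because that is what icacls /save records; owners are not part of the save file. Items created after the snapshot are not touched by the restore and are not checked.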
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
