Equivalent of chmod to change file permissions in Windows
Solution 1
Greg mentions attrib - but attrib isn't anywhere close to chmod - attrib can set Read-only/Hidden attributes of a single file - it doesn't provide fine-grained controls like icacls does.
icacls sets/resets the access control lists, so you can grant/deny rights for individual SIDs & groups. It is fairly complicated though.
Here's an example I have saved in my github gist; it resets the ownership and access control list for all files in a folder and is particularly useful to fix those annoying "You need permissions from .. to perform this action" especially when moving files over from a previous install:
icacls * /reset /t /c /q
Reset replaces the existing one with the default list.
/t acts recursively on all files, folders & subfolders
/q doesn't display any success messages
/c continues with remaining files even in an error occurs.
You can also do things like backup the existing ACLs & apply them across all. Have a look at ss64 which explains the different options & switches very well.
Solution 2
Either cacls, xcacls, or my personal favourite icacls will probably do what you need.
Solution 3
There (sadly) can't be an exact equivalent, since Linux und DOS/Windows use attributes for different purposes, and (as Chathuranga said before) the security model is different:
- In Windows file systems, there are "hidden" (
H) and "system" (S) attributes which don't have an equivalent in Linux; there, files are hidden by prepending the name with a dot (.). - There is no equivalent to the Windows "archive" (
A) attribute, either. - There is no equivalent to the "executable" (
x) Linux attributes in the DOS/Windows file attributes. - There is an equivalent to the Windows "directory" (
D) attribute (but it can't be changed anyway). - In Linux file systems, every entry is owned by exactly one user and exactly one group, and read/write/execution can be allowed for each of them, and for others. ACLs (like used by Windows) are even more flexible, but more complicated as well, and the commandline syntax is a PITA (in my humble opinion, of course)
The DOS file attribute R (read-only) is the one which might be considered to have an equivalent: this attribute set is roughly like the w attribute for all being missing; but the permission to change this attribute is subject to ACLs.
It might be cool to have a chmod/chown equivalent on Windows, perhaps written in some scripting language, which in turn calls attrib and cacls (or successors), but I don't have one.
Solution 4
icacls "C:\folder" /grant:r "Domain\Users":(OI)(CI)M /T /C
Works like a charm to change permissions on a folder for domain users. Additional information regarding cacls and icacls.
Solution 5
The attrib command is the closest match for very basic things (read-only, archive flags). Then there is The ACL (access control list) command cacls. Last but not least, since Windows is actually Posix compliant, the unix-like flags do exist. If you install the Cygwin tool set, you will get a chmod. (A little off-topic, since you are looking for an equivalent of a unix command, downloading and installing Cgygwin might be something interesting for you.)
Related videos on Youtube
01 : 45
04 : 11
03 : 36
02 : 35
11 : 36
nhinkle
Updated on September 17, 2022Comments
-
nhinkle almost 2 years
Is there any Windows equivalent of Linux's
chmodto change the permissions of a file?-
Admin about 2 yearshaven't decide an answer yet? -
Admin about 2 years@ichimaru The user has removed its account I think.
-
-
JJ_Australia almost 14 yearsI believe
icaclsis only available on Vista/7. -
slm over 11 yearsGood first post! -
slm over 11 yearsNice first post! Never heard of icacls.
-
theonlygusti over 9 yearsThe problem is, I can't do this, for every file there is the message: "Access is denied". Is there no way around this? On a school system that blocks this, but not cmd? -
Tobias over 9 yearsYou need admin privileges; the "normal"
cmdwhich you get by hitting [Win]+[R] lacks these. For such special needs I have an "Admin shell" shortcut, with "Execute as administrator" (or similar; I'm on a German Windows system) checked (and with a dark red background colour). -
tvdo over 6 years -
Čamo over 6 yearsI actually face the problem with Permission denied error. Why the hell I can do something if I am an administrator and console I run runs as administrator too. What is that?
-
Eryk Sun over 6 yearsYou're confusing file attributes and permissions. Linux has file attributes that can be changed via chattr. Linux has fine-grained access control for attributes (e.g. the [i]mmutable attribute can only be set by root or a
CAP_LINUX_IMMUTABLEprocess), whereas access to set attributes in Windows is all or nothing. It is a common mistake in implementations ofchmodfor Windows to use this command to set the read-only file attribute. Unfortunately systems are only as informed as the programmers who develop them. -
Tobias over 6 years@eryksun: Interesting - I was not aware of that
chattrcommand. But you didn't mean me, to "confuse file attributes and permissions", right? AFAICS, every word I wrote about DOS attributes is still correct. -
Eryk Sun over 6 yearsA file consists of a lot of (extended) attributes. In Unix the core set of attributes are stored in the inode, including the file mode (permissions). Other extended attributes (e.g. ACLs) may be stored externally. Windows has no equivalent to the Unix "mode" attribute. It also doesn't have a common inode record for filesystems. An NTFS MFT record is similar. From its POV, the standard Windows file attributes are a single attribute of the file record. These correspond to Linux file attributes set via
chattr, except Windows has a directory attribute since there's no inode. -
Eryk Sun over 6 yearsThe question asks about an "[e]quivalent of chmod to change file permissions in Windows". There is no direct equivalent to
chmodin Windows because there is nothing like the file "mode" attribute. The standard set of Windows file attributes have nothing to do with this. The read-only attribute is not a file permission. It basically says the file is written in stone, so all attempts to modify it must fail. The Linux "immutable" file attribute is similar. Windows only uses ACLs for permissions, so icacls.exe and the like are the only similar commands on the subject of permissions. -
Kerwin Sneijders over 4 yearsI jus used it on Windows 10. It's also available there. -
demonicdaron over 4 yearsGetting "OI : The term 'OI' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again."
