Guys, Need a little help with ICACLS. How do I change a volume permission using ICACLS? The volume is mounted to folder C:\D (aka JUNCTION) dir c:\ <JUNCTION> D [\??\Volume{00000000-0000-0000-0000-000000000000}\] ICACLS \\?\Volume{00000000-0000-0000-0000-000000000000}\ changes permission on volume. ICACLS C:\D changes permission on folder C:\D, not for the volume mounted there. ICACLS has a switch to operate on symbolic link (i.e. a directory symbolic link) /L indicates that this operation is performed on a symbolic link itself versus its target. Is there another switch for Directory Junction? I assume, by default it supposed to operate on target for all kind of links, but it doesn’t... How do I tell ICACLS to operate on Directory Junction target?

Hi, Icacls.exe is aware of junction points. For more information, please refer to the following Microsoft TechNet blog: Security Watch: Tools for Managing ACLs http://technet.microsoft.com/en-us/magazine/2007.07.securitywatch.aspx All the parameters for Icacls are listed below, but no one is indicated for junction specially. Since symbolic link and junction point are similar, please try to use the parameter: /l and let us know the result. Icacls http://technet.microsoft.com/en-us/library/cc753525(v=WS.10).aspx Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Icacls.exe is aware of junction points. All the parameters for Icacls are listed below, but no one is indicated for junction specially. Since symbolic link and junction point are similar, please try to use the parameter: /l and let us know the result. No difference between ICACLS C:\D /L ICACLS C:\D both works on folder C:\D, not on the mounted volume. I guess, it’s either bug or not documented feature...