I am trying to deny all users from being able to delete a folder (as well as its contents, if possible).
What I currently have is not working.
icacls pics /deny Everyone:(OI)(CI)(DE)
Using the above line neither protects the folder nor its content as I can still delete the folder and all files within it.
I think i found a solution:
icacls pics /deny Everyone:(OI)(CI)(DE,DC)
which denies the specific rights to delete (DE)
and to delete childs (DC)
.
*S-1-1-0
instead of Everyone
. (see Well-Known SIDs)attrib +r pics
, and then denying (WA)
so it can't be changed (credit to Harry Johnston)