How can I add a user from Windows 8 to an ACL on Windows 7?

The title pretty much says what I want to do.

I have a dual-boot setup with Windows 7 and Windows 8. Is there an easier way of doing this? I do not want to takeown the files, just add a user (or two) to the ACLs.

Is there an easier way of doing this?

Ideally, I would like to be able to select users from the advanced dialog in the edit permissions form, but I understand that this is probably not possible.

Update: If the answer is to use icalcs then please explain how I can add the user, since it is not a windows 7 user (i.e. I do not understand how it will know what user I am talking about).

soandos

Posted 2012-06-24T05:08:36.080

Reputation: 22 744

Downvoter, comment? – soandos – 2012-06-24T05:29:12.683

So you're trying to grant access/rw privileges to a folder/file to a user that doesn't exist? – Mythrillic – 2012-06-24T05:38:45.663

@Adam543i No, to one that exists on a different OS (i.e. a windows operating system on a different partition) – soandos – 2012-06-24T05:43:00.873

Answers

You could try using fileacl to force setting the SID of your Windows 8 user account on the folder in question.

To retrieve your SID, you can use psgetsid, then update the ACL via:

fileacl c:\something /S S-1-N-M...:RXWDP

Explanation

/S is the switch to set permissions
S-1-N-M... should be replaced with the SID that should be inserted into the ACL
Please note, the SID and the permissions have the be delimited by a :.
RXWDP stands for
- Read
- Execute (Change directory)
- Write
- Delete
- Write permissions

Der Hochstapler

Posted 2012-06-24T05:08:36.080

Reputation: 77 228

Please look into icacls /grant

You may also want to look into icacls /inheritance:e

EDITED to add more information as I cannot fit this text as a response

When you attempt to access a folder to which you do not have access, you're prompted by Windows with a dialog box, which asks you to elevate and permanently grant your account access to the folder. This adds your current logged in account's SID to the folder. However, if the files in the folder are not configured to inherit permissions from their parent folder, the permissions which were added to the directory as a result of the previous step are not inherited by the files within that folder. The icacls command with /inheritance:e option simply grants your current user account permission to access the file by inheriting them from the parent directory. In essence, you're adding the current logged in user's SID to the files.

R..

Posted 2012-06-24T05:08:36.080

Reputation: 122

I can grant it, but to whom am I granting the rights? The other user does not exist on windows 7 – soandos – 2012-06-24T05:22:59.587

I've provided a more detailed response above. The short answer is that you grant permission to the current logged in user to view the resource. Cheers. – R.. – 2012-06-24T06:36:22.070

If the files were from a different operating system what actually happens is that windows lets the current user take ownership over the files. I want to avoid that. – soandos – 2012-06-24T06:37:34.660

I place all the folders that I want to access by BOTH (or more,) OS's on a different logical volume or mount-point.

It's a lot less hassle than trying to access user folders held hostage by Vista, Win7, or Win8.

Barring that, I believe that if you always make sure that the user and password for both OSes are the same, you should be golden.

Tallon41

Posted 2012-06-24T05:08:36.080

Reputation: 56

While this is true, it is not very practical in many cases. Moving user profiles is a headache on its own, and keeping the passwords the same is not trivial either (and it's a security risk) – soandos – 2013-04-09T21:40:45.890

Assuming this is a personal and business computer, there is no add'l security risk. I would not move the profiles, they should stay within their install partition. – Tallon41 – 2013-04-09T21:52:53.510