As of Vista, caclsis deprecated. Here's the first couple of help lines:

从 Vista 开始，cacls已弃用。这是前几条帮助热线：

C:\>cacls
NOTE: Cacls is now deprecated, please use Icacls.

Displays or modifies access control lists (ACLs) of files

You should use icaclsinstead. This is how you grant John full control over D:\testfolder and all its subfolders:

你应该icacls改用。这是您授予 John 对D:\test文件夹及其所有子文件夹的完全控制权的方式：

C:\>icacls "D:\test" /grant John:(OI)(CI)F /T

According do MS documentation:

根据 do MS 文档：

• F= Full Control
• CI= Container Inherit - This flag indicates that subordinate containers will inherit this ACE.
• OI= Object Inherit - This flag indicates that subordinate files will inherit the ACE.
• /T= Apply recursively to existing files and sub-folders. (OIand CIonly apply to new files and sub-folders). Credit: comment by @AlexSpence.

• F= 完全控制
• CI= Container Inherit - 此标志表示从属容器将继承此 ACE。
• OI= Object Inherit - 此标志表示从属文件将继承 ACE。
• /T= 递归地应用于现有文件和子文件夹。（OI并且CI仅适用于新文件和子文件夹）。信用：@AlexSpence 的评论。

For complete documentation, you may run "icacls" with no arguments or see the Microsoft documentation hereand here

对于完整的文档，您可以icacls不带参数运行“ ”或在此处和此处查看 Microsoft 文档

You can also use ICACLS.

您也可以使用 ICACLS。

To grant the Usersgroup Full Controlto a folder:

授予用户组对文件夹的完全控制权限：

>icacls "C:\MyFolder" /grant Users:F

To grant Modifypermission to IIS users for C:\MyFolder(if you need your IIS has ability to R/W files into specific folder):

向 IIS 用户授予修改权限C:\MyFolder（如果您需要您的 IIS 能够将文件读/写到特定文件夹中）：

>icacls "C:\MyFolder" /grant IIS_IUSRS:M

If you do ICACLS /?you will be able to see all available options.

如果你做ICACLS /？您将能够看到所有可用的选项。

Open a Command Prompt, then execute this command:

打开命令提示符，然后执行以下命令：

icacls "c:\somelocation\of\path" /q /c /t /grant Users:F

icacls "c:\somelocation\of\path" /q /c /t /grant Users:F

Fgives Full Access.

F提供完全访问权限。

/q /c /tapplies the permissions to subfolders.

/q /c /t将权限应用于子文件夹。

Note: Sometimes "Run as Administrator" will help.

注意：有时“以管理员身份运行”会有所帮助。

Use caclscommand. See information here.

使用cacls命令。请参阅此处的信息。

CACLS files /e /p {USERNAME}:{PERMISSION}

Where,

/p : Set new permission

/e : Edit permission and kept old permission as it is i.e. edit ACL instead of replacing it.

{USERNAME} : Name of user

{PERMISSION} : Permission can be:

R - Read

W - Write

C - Change (write)

F - Full control

For example grant Rocky Full (F) control with following command (type at Windows command prompt):

C:> CACLS files /e /p rocky:f

Read complete help by typing following command:

C:> cacls /?

CACLS 文件 /e /p {USERNAME}:{PERMISSION}

在哪里，

/p : 设置新权限

/e ：编辑权限并保留旧权限，即编辑ACL而不是替换它。

{USERNAME} ：用户名

{PERMISSION} ：权限可以是：

R - 读取

W - 写

C - 改变（写）

F - 完全控制

例如，使用以下命令授予 Rocky Full (F) 控制权（在 Windows 命令提示符下键入）：

C:> CACLS 文件 /e /p Rocky:f

通过键入以下命令阅读完整的帮助：

C:> cacls /?

I try the below way and it work for me:
1. open cmd.exe
2. takeown /R /F *.*
3. icacls * /T /grant [username]:(D)
4. del *.* /S /Q

我尝试以下方法，它对我有用：
1. 打开cmd.exe
2. takeown /R /F *.*
3. icacls * /T /grant [username]:(D)
4.del *.* /S /Q

So that the files can become my own access and it assign to "Delete" and then I can delete the files and folders.

这样文件就可以成为我自己的访问权限并将其分配给“删除”，然后我可以删除文件和文件夹。

Corrupt Permissions: Regaining access to a folder and its sub-objects

损坏的权限：重新获得对文件夹及其子对象的访问权限

Although most of the answers posted in reply to the question have some merit, IMHO none of them give a complete solution. The following (might be) a perfect solution for Windows 7if you are locked-out of a folder by corrupted permission settings:

尽管在回答问题时发布的大多数答案都有一些优点，但恕我直言，没有一个给出完整的解决方案。如果您被损坏的权限设置锁定在文件夹之外，以下（可能）是Windows 7的完美解决方案：

icacls "c:\folder" /remove:d /grant:r Everyone:(OI)(CI)F /T  

For Windows 10the user/SID must be specified after the /remove:doption:

对于Windows 10，必须在/remove:d选项后指定用户/SID ：

icacls "c:\folder" /remove:d Everyone /grant:r Everyone:(OI)(CI)F /T  

.
Notes:

.
注意事项：

1. The command is applied to the specified directory.

2. Specifying the user "Everyone" sets the widest possible permission, as it includes everypossible user.

3. The option "/remove:d" deletes any explicit DENY settings that may exist, as those override explicit ALLOW settings: a necessary preliminary to creating a new ALLOW setting. This is only a precaution, as there is often no DENY setting present, but better safe than sorry.

4. The option "/grant" creates a new ALLOW setting, an explicit permission that replaces (":r") any and all explicit ALLOW settings that may exist.

5. The "F" parameter (i.e. the permission created) makes this a grant of FULL control.

6. The "/T" parameter adds recursion, applying these changes to all currentsub-objects in the specified directory (i.e. files and subfolders), as well as the folder itself.

7. The "(OI)" and "(CI)" parameters also add recursion, applying these changes to sub-objects created subsequently.
   .

1. 该命令应用于指定的目录。

2. 指定用户“Everyone”会设置尽可能广泛的权限，因为它包括所有可能的用户。

3. 选项“/remove:d”删除可能存在的任何显式拒绝设置，因为这些设置会覆盖显式 ALLOW 设置：创建新 ALLOW 设置的必要准备。这只是一种预防措施，因为通常不存在拒绝设置，但安全总比抱歉好。

4. 选项“/grant”创建了一个新的 ALLOW 设置，一个显式权限，用于替换 (":r") 任何和所有可能存在的显式 ALLOW 设置。

5. “F”参数（即创建的权限）使其成为完全控制的授予。

6. “/T”参数添加递归，将这些更改应用于指定目录（即文件和子文件夹）中的所有当前子对象，以及文件夹本身。

7. "(OI)" 和 "(CI)" 参数还添加了递归，将这些更改应用于随后创建的子对象。
   .

ADDENDUM (2019/02/10)-

附录 (2019/02/10)-

The Windows 10 command line abovewas kindly suggested to me today, so here it is. I haven't got Windows 10 to test it, but please try it out if you have (and then will you please post a commentbelow).

今天向我建议了上面的 Windows 10 命令行，所以它在这里。我还没有 Windows 10 来测试它，但如果你有的话，请尝试一下（然后你可以在下面发表评论）。

The change only concerns removing the DENY setting as a first step. There might well not be any DENY setting present, so that option might make no difference. My understanding is, on Windows 7, that you don't need to specify a user after /remove:dbut I might be wrong about that!

更改仅涉及删除 DENY 设置作为第一步。很可能不存在任何拒绝设置，因此该选项可能没有任何区别。我的理解是，在 Windows 7 上，您不需要在/remove:d之后指定用户，但我可能错了！

.

.

ADDENDUM (2019/11/21)-

附录 (2019/11/21)-

User astarkrecommends replacing Everyonewith the term *S-1-1-0 in order for the command to be language independent. I only have an English install of Windows, so I can't test this proposal, but it seems reasonable.

用户astark建议用术语 *S-1-1-0替换每个人，以便命令与语言无关。我只有英文版的 Windows，所以我无法测试这个建议，但它似乎是合理的。

I struggled with this for a while and only combining the answers in this thread worked for me (on Windows 10):
1. Open cmd or PowerShell and go to the folder with files
2. takeown /R /F .
3. icacls * /T /grant dan:F

我为此苦苦挣扎了一段时间，只结合了这个线程中的答案对我 有用（在 Windows 10 上）：
1. 打开 cmd 或 PowerShell 并转到包含文件的文件夹
2. takeown /R /F 。
3. icacls * /T /grant dan:F

Good luck!

祝你好运！

Just in case there is anyone else that stumbles on this page, if you want to string various permissions together in the one command, I used this:

以防万一有人在此页面上绊倒，如果您想在一个命令中将各种权限串在一起，我使用了这个：

icacls "c:\TestFolder" /grant:r Test_User:(OI)(CI)(RC,RD,RX)

Note the csv string for the various permissions.

请注意各种权限的 csv 字符串。

With an Excel vba script to provision and create accounts. I was needing to grant full rights permissions to the folder and subfolders that were created by the tool using our administrators 'x' account to our new user.

使用 Excel vba 脚本来配置和创建帐户。我需要向我们的新用户授予对该工具使用管理员“x”帐户创建的文件夹和子文件夹的完全权限。

cacls looked something like this: cacls \FileServer\Users\Username /e /g Domain\Username:C

cacls 看起来像这样： cacls \FileServer\Users\Username /e /g Domain\Username:C

I needed to migrate this code to Windows 7 and beyond. My solution turned out to be:

我需要将此代码迁移到 Windows 7 及更高版本。我的解决方案原来是：

icacls \FileServer\Users\Username /grant:r Domain\Username:(OI)(CI)F /t

icacls \FileServer\Users\Username /grant:r Domain\Username:(OI)(CI)F /t

/grant:r - Grants specified user access rights. Permissions replace previously granted explicit permissions. Without :r, permissions are added to any previously granted explicit permissions

/grant:r - 授予指定的用户访问权限。权限取代了先前授予的显式权限。没有 :r，权限将添加到任何先前授予的显式权限

(OI)(CI) - This folder, subfolders, and files.

(OI)(CI) - 此文件夹、子文件夹和文件。

F - Full Access

F - 完全访问

/t - Traverse all subfolders to match files/directories.

/t - 遍历所有子文件夹以匹配文件/目录。

What this gave me was a folder on this server that the user could only see that folder and created subfolders, that they could read and write files. As well as create new folders.

这给我的是该服务器上的一个文件夹，用户只能看到该文件夹​​并创建子文件夹，他们可以读取和写入文件。以及创建新文件夹。

XCACLS.VBS is a very powerful script that will change/edit ACL info. c:\windows\system32\cscript.exe xcacls.vbs help returns all switches and options.

XCACLS.VBS 是一个非常强大的脚本，可以更改/编辑 ACL 信息。c:\windows\system32\cscript.exe xcacls.vbs 帮助返回所有开关和选项。

You can get official distribution from Microsoft Support Page

您可以从Microsoft 支持页面获得官方发行版