Sometimes you can't modify these ACLs correctly by using the Microsoft Windows Explorer graphical security editor. In some earlier versions of Windows, issues occurred when Windows tried to read these non-canonical ACLs. However, nothing prevents a program from writing an ACL that has ACEs in any arbitrary sequence. For example, ACEs that deny access typically come before ACEs that grant access. The Access Control Entries (ACEs) in an ACL have a certain preferred sequence depending on their type. To work around this issue, use another tool (for example, a later build of Cacls.exe). You can't use certain security tools to display or to modify permissions because the file has a non-canonical ACL
So, you may have to take ownership of a file, give yourself permissions to delete the file, and then delete the file. File owners have the implicit ability to modify file permissions, even if they aren't explicitly granted any permissions to the file. You may have to take ownership of the files to change the permissions.Īdministrators have the implicit ability to take ownership of any file, even if they haven't been explicitly granted any permission to the file.
To resolve this issue, change the permissions on the file. You can't delete a file if the file uses an Access Control List (ACL). Therefore, the word file in this article indicates either a file or folder. Internally, NTFS treats folders as a special type of file.
