How to use takeown and icacls to deny access to other users?

What is the Windows equivalent to:

chown $USER
chmod 600 file

From what I understand, this requires that inherited permissions be disabled (because HOSTNAME\Users is inherited) and all groups outside of myself and Administrators be removed.

Can this operation be performed with takeown and icacls?


Solution 1:

Take ownership, so that the previous owner (if any) couldn't change permissions. Use takeown command to do this :

takeown /f filepath

Disable automatic inheritance:

icacls filepath /inheritance:d

Grant yourself full control:

icacls filepath /grant user:f

Finally remove everyone else:

icacls filepath /remove someotheruser

Anyone who is not listed in the ACL will be denied by default.