System.Security.AccessControl.PropagationFlags Powershell Equivalent GUI use?

ntfs powershell windows-server-2008-r2 windows-server-2012-r2

Note: This is not a duplicate of the question "System.Security.AccessControl.InheritanceFlags PowerShell Enumeration Equivalent GUI use?"

I'm in a strange predicament. I understand the concept of ACE permissions propagation in the NTFS file system; and it makes sense to me when I use it in the code; but when it comes the GUI I'm sort of lost:

The documentation for the System.Security.AccessControl.PropagationFlags enumeration has the following members

  • InheritOnly
  • None
  • NoPropagateInherit

Their explanations in the documentation make sense to me, and I have no issue with them; but I don't understand how each of these relate to doing the same thing in the GUI.

Can you please show me that path to replicating each functionality as it relates to the GUI dialogs?


The options in the advanced dialog are created by combining Propagation and Inheritance flags.

GUI options

This folder only

  • Propagation: None
  • Inheritance: None

This folder, subfolders and files

  • Propagation: None
  • Inheritance: ObjectInherit, ContainerInherit

This folder and subfolders

  • Propagation: None
  • Inheritance: ContainerInherit

This folder and files

  • Propagation: None
  • Inheritance: ObjectInherit

Sub folders and files only

  • Propagation: InheritOnly
  • Inheritance: ObjectInherit, ContainerInherit

Subfolders only

  • Propagation: InheritOnly
  • Inheritance: ContainerInherit

Files only

  • Propagation: InheritOnly
  • Inheritance: ObjectInherit

NoPropagateInherit

This flag is added by selecting "Only apply these permissions to objects and/or containers within this container". This option can be set for any right but the "This folder only" option. For example, here are two of them:

Files only

  • Propagation: InheritOnly, NoPropagateInherit
  • Inheritance: ObjectInherit

Sub folders and files only

  • Propagation: InheritOnly, NoPropagateInherit
  • Inheritance: ObjectInherit, ContainerInherit

If you were to apply an access control entry to C:\Something using that flag the right would apply to C:\Something\Else, but it would not be carried down to C:\Something\Else\Entirely.

Related

mod_rpaf behind an Amazon ELB
Linux FTP/SSH Permissions
How to set up routing for RRAS VPN connections
How to get Tomcat 9 to work with authbind to bind to port 80?
Allowing apache to write with iptables [duplicate]
Is there a load balancer that will allow me to take down a server manually when deploying? [closed]
Send me an e-mail whenever someone logs in via SSH
CPU load too high. How to investigate?
How to merge multiple ProxyPass directives in Apache?
MySQL InnoDB: how to switch to Barracuda format?
In Nginx, block user based on X header value
Why is psExec hanging indefinitely and giving no error?