As many of us move forward from Windows XP or prior beta versions of Windows Vista to the final RTM version, I thought this little tip / secret might be in order. You may be aware that Windows Vista includes a number of different ways to upgrade a computer, from a straight in-place upgrade (insert CD, run setup and choose upgrade) to Windows Easy Transfer, which allows you to copy settings, programs and data from an old setup a fresh shiny new OS environment. But I'm the purist type who hates even the thought of leaving any detritus around and insists upon a clean install to a pure, unsullied partition.
In doing this, it's not unusual to find some folders that can't be accessed, even by an administrator, because their ACLs were set for accounts with SIDs that applied to an old partition. For example, on my home machine, I switched the C: and D: drive cables around and installed Windows Vista RTM on the new drive. Having tested everything worked, I wanted to delete some old redundant directories (like the old \Program Files directory). If even an administrator can't access the file, how do you take it back?
The secret lies in two command-line utilities, one ancient, the other completely revised for this release. Respectively, these are takeown (which takes ownership of a file or directory) and icacls (which sets new ACLs on that directory). I created a small batch command on my system called itsmine.cmd, as follows:
takeown /f %1 /r /d y icacls %1 /grant administrators:F /t
From an elevated command prompt, you can run a command such as itsmine d:\hard_to_delete and this will reset ownership and ACLs on the hard_to_delete directory such that a command like rd /s d:\hard_to_delete should work.
These two lines have saved me a lot of pain over the last week as I've gradually flattened and reinstalled the RTM version of Windows Vista on each of my machines: hopefully they'll be equally useful to you!
User Account Control is, as I mentioned in secret #4, an important part of the security protection that Windows Vista offers. For any user with administrative credentials, you can always execute a process with full admin rights by right-clicking on the executable or shortcut and choosing "Run as Administrator".
For myself, I regularly want to open an admin-level command prompt, and it's a distraction to have to move my hands off the keyboard to go through the elevation contortions. So I was delighted to find a little keyboard shortcut for launching an elevated process. Simply press Ctrl+Shift+Enter from the search bar on the start menu with a selected application, and that triggers elevation.
For example, to launch an elevated command prompt, simply press the Win key; type cmd; press Ctrl+Shift+Enter; and then hit Alt+C to confirm the elevation prompt. Six keystrokes to an elevated command prompt!
(Once I've got an elevated command prompt, I always like to execute color 4f as my first input so that this console window is visually differentiated from other non-elevated windows.)