win_acl_inheritance – Change ACL inheritance

Synopsis

• Change ACL (Access Control List) inheritance and optionally copy inherited ACE’s (Access Control Entry) to dedicated ACE’s or vice versa.

Parameters

Parameter	Choices/Defaults	Comments
path path / required		Path to be used for changing inheritance
reorganize boolean	Choices: no ← yes	For P(state) = absent, indicates if the inherited ACE's should be copied from the parent directory. This is necessary (in combination with removal) for a simple ACL instead of using multiple ACE deny entries. For P(state) = present, indicates if the inherited ACE's should be deduplicated compared to the parent directory. This removes complexity of the ACL structure.
state string	Choices: absent ← present	Specify whether to enable present or disable absent ACL inheritance.

See Also

See also

win_acl – Set file/directory/registry permissions for a system user or group

The official documentation on the win_acl module.

win_file – Creates, touches or removes files or directories

The official documentation on the win_file module.

win_stat – Get information about Windows files

The official documentation on the win_stat module.

Examples

- name: Disable inherited ACE's
  win_acl_inheritance:
    path: C:\apache
    state: absent

- name: Disable and copy inherited ACE's
  win_acl_inheritance:
    path: C:\apache
    state: absent
    reorganize: yes

- name: Enable and remove dedicated ACE's
  win_acl_inheritance:
    path: C:\apache
    state: present
    reorganize: yes

Status

• This module is not guaranteed to have a backwards compatible interface. [preview]
• This module is maintained by the Ansible Core Team. [core]

Red Hat Support

More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.

Authors

• Hans-Joachim Kliemeck (@h0nIg)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.