JSI Tip 6550. How do I manually edit the Gpttmpl.inf file to stop inheritance?

Jerold Schulman

April 7, 2003

2 Min Read
ITPro Today logo in a gray background | ITPro Today

NOTE: The text in the following Microsoft Knowledge Base article is provided so that the site search can find this page. Please click the Knowledge Base link to insure that you are reading the most current information.

Microsoft Knowledge Base article Q278436 contains:

SUMMARY

This article describes how to manually edit the Gpttmpl.inf file to stop inheritance. Inheritance occurs when the security policies and assigned permissions are passed down from one object (the parent object) to the objects that are below it in the folder hierarchy (child objects).

MORE INFORMATION

You can edit the Gpttmpl.inf file so the ACL configuration that is set on the parent folder is not passed down to folders below it. To edit the Gpttmpl.inf file to stop inheritance:

Note For folders where this procedure has been applied, the folder must be protected again before the line is applied again. Before you apply the following procedure, locate the folder or file where you want to stop inheritance, and then make sure that the correct security settings are implemented. The "0" switch resets all permissions on child objects, and causes the children to completely inherit from the parent without resetting explicit (non-inherited) permissions on child objects. This resets explicit permissions on child objects and inherited permissions. The "2" switch resets all permissions on child objects, and causes the child objects to completely inherit from the parent object.

Warning Before you follow these steps, back up the Gpttmpl.inf file.

Part 1: Edit the Gpttmpl.inf File

  1. Click Start, point toSearch, and then click For Files orFolders.

  2. In the Search for files or folders namedbox, type Gpttmpl.inf.

  3. When the search process is complete, double-click theGpttmpl.inf file.

  4. Locate the line of code that corresponds to the file orfolder that you want to edit. For example, the following code corresponds tothe "Documents and Settings" folder on drive C:

    "C:Documents and Settings",2,"D:PAR(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;CINP;0x00100001;;;BU"

  5. To avoid resetting explicit permissions in a subfolder,change the "2" to a "0" (zero).

  6. On the File menu, clickSave.

  7. On the File menu, clickClose.

Part 2: Implement the Policy Change

  1. Click Start, and then clickRun.

  2. In the Open box, type secedit/refreshpolicy machine_policy /enforce, and then clickOK.



About the Author

Jerold Schulman

Jerold Schulman

See more from Jerold Schulman
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

a digital shield icon with a keyhole next to text that says linux kernel security
Vulnerabilities & Threats
Linux Kernel Exploits: How Attackers Gain Root Access and How To Defend Against It
Linux Kernel Exploits: Common Threats and How To Prevent Them

Oct 8, 2024

DevOps warning sign in front of gray sky
DevOps
How to Avoid Hidden DevOps Costs and Optimize for Efficiency
How to Avoid Hidden DevOps Costs and Optimize for Efficiency

Oct 9, 2024

a phone call between two business people reveals that one of them is a deepfake scammer
Vulnerabilities & Threats
We’re Worried About Deepfake Voice Scams. How Do We Protect Employees?
We’re Worried About Deepfake Voice Scams. How Do We Protect Employees?

Oct 4, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
multicloud concept
Cloud Computing
Cross-Cloud: The Next Evolution in Cloud Computing?
Cross-Cloud: The Next Evolution in Cloud Computing?
Wi-Fi 6 speed logo glowing on virtual screen while businessperson points hand and using laptop computer.
IT Operations
Wi-Fi 6: A Step Forward, But Wired LAN Still Holds the Crown
Wi-Fi 6: A Step Forward, But Wired LAN Still Holds the Crown
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables