I am using icacls to set permissions on a large number of directories for various groups. I want to assign what icacls help refers to as "modify access". It seems to do this correctly. However when the rights are viewed with Windows Explorer permissions tab on Windows 2008 the group shows up with no rights at all (no check boxes checked in the "Allow" column). One must click "Advanced -> Change Permissions -> Edit" to actually see that the group has been granted all permissions except "Full", "Delete Subfolders and Files", "Change Permissions" and "Take Ownership".
Now, from a purely functional point of view this is acceptable. The group has the desired rights. However, from an administrative point of view this could be confusing to someone further down the road when they see the group in the list on the first screen of the permissions tab but no rights appear to be assigned until you look at advanced permissions.
So my question is: Is there some way with icacls to assign the Modify right in such a way that it shows up on the first screen of the security tab as being so? In other words, with check marks in the allow column for "Modify", "Read & Excecute", "List folder contents", "Read" and "Write"?
