diff -r b0902fc3fd99 -r 3f8b5c0ba822 windows.rst --- a/windows.rst Tue Sep 13 21:51:49 2011 +0300 +++ b/windows.rst Fri Sep 16 00:56:37 2011 +0300 @@ -95,8 +95,8 @@ http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e Windows XP Service Pack 3 - ISO-9660 CD Image File -Access to Samba for Vista/7. -============================ +Access to Samba from Vista/7. +============================= By default, you cannot authenticate and share files to and from Mac OS X or Linux Samba due to a well known authentication method turned off by default. @@ -412,3 +412,72 @@ schtasks /delete /tn %TASK_NAME% /f +Change NTFS permission. +======================= + +Change NTFS permission with 'icacls'. +------------------------------------- + +'icacls' allow option: + + * /c - Continues the operation despite any file errors. Error messages will + still be displayed. + * /t - Performs the operation on all specified files in the current directory + and its subdirectories. + * /l - Performs the operation on a symbolic link versus its destination. + * /q - Suppresses success messages. + +Recursively change the owner of all matching files to the specified user:: + + cmd> icacls /setowner /t /c + +Recursively grand full access:: + + cmd> icacls %dir% /t /grant:r desktop\user:(f) + +Well-known security identifiers (SID). +====================================== + + S-1-0-0 + Null SID. A group with no members. This is often used when a SID + value is not known. + S-1-1-0 + World/Everyone. A group that includes all users. + S-1-3-0 + Creator Owner ID. A security identifier to be replaced by the + security identifier of the user who created a new object. This + SID is used in inheritable ACEs. + S-1-3-1 + Creator Group ID. A security identifier to be replaced by the + primary-group SID of the user who created a new object. Use this + SID in inheritable ACEs. + S-1-5-6 + Service. A group that includes all security principals that have + logged on as a service. Membership is controlled by the + operating system. + S-1-5-7 + Anonymous. A group that includes all users that have logged on + anonymously. Membership is controlled by the operating system. + S-1-5-32-544 + Administrators group. + S-1-5-32-545 + Users group. + S-1-5-32-546 + Guests. By default, the only member is the Guest account. The + Guests group allows occasional or one-time users to log on with + limited privileges to a computer's built-in Guest account. + S-1-5-32-547 + Power Users. Power users can create local users and groups; + modify and delete accounts that they have created; and remove + users from the Power Users, Users, and Guests groups. Power + users also can install programs; create, manage, and delete + local printers; and create and delete file shares. + + http://msdn.microsoft.com/en-us/library/aa379649.aspx + Well-known SIDs + http://support.microsoft.com/kb/243330 + Хорошо известные идентификаторы безопасности в операционных + системах Windows + http://en.wikipedia.org/wiki/Security_Identifier + Security Identifier +