Mercurial Mercurial > tips / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Change NTFS permission.
authorOleksandr Gavenko <gavenkoa@gmail.com>
Fri, 16 Sep 2011 00:56:37 +0300
changeset 992 3f8b5c0ba822
parent 989 b0902fc3fd99
child 993 e3fefdeb1cbf
Change NTFS permission.
windows.rst file | annotate | diff | comparison | revisions 
--- a/windows.rst	Tue Sep 13 21:51:49 2011 +0300
+++ b/windows.rst	Fri Sep 16 00:56:37 2011 +0300
@@ -95,8 +95,8 @@
   http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e
                 Windows XP Service Pack 3 - ISO-9660 CD Image File
 
-Access to Samba for Vista/7.
-============================
+Access to Samba from Vista/7.
+=============================
 
 By default, you cannot authenticate and share files to and from Mac OS X or
 Linux Samba due to a well known authentication method turned off by default.
@@ -412,3 +412,72 @@
 
   schtasks /delete /tn %TASK_NAME% /f
 
+Change NTFS permission.
+=======================
+
+Change NTFS permission with 'icacls'.
+-------------------------------------
+
+'icacls' allow option:
+
+ * /c - Continues the operation despite any file errors. Error messages will
+   still be displayed.
+ * /t - Performs the operation on all specified files in the current directory
+   and its subdirectories.
+ * /l - Performs the operation on a symbolic link versus its destination.
+ * /q - Suppresses success messages.
+
+Recursively change the owner of all matching files to the specified user::
+
+  cmd> icacls /setowner <Username> /t /c
+
+Recursively grand full access::
+
+  cmd> icacls %dir% /t /grant:r desktop\user:(f)
+
+Well-known security identifiers (SID).
+======================================
+
+  S-1-0-0
+                Null SID. A group with no members. This is often used when a SID
+                value is not known.
+  S-1-1-0
+                World/Everyone. A group that includes all users.
+  S-1-3-0
+                Creator Owner ID. A security identifier to be replaced by the
+                security identifier of the user who created a new object. This
+                SID is used in inheritable ACEs.
+  S-1-3-1
+                Creator Group ID. A security identifier to be replaced by the
+                primary-group SID of the user who created a new object. Use this
+                SID in inheritable ACEs.
+  S-1-5-6
+                Service. A group that includes all security principals that have
+                logged on as a service. Membership is controlled by the
+                operating system.
+  S-1-5-7
+                Anonymous. A group that includes all users that have logged on
+                anonymously. Membership is controlled by the operating system.
+  S-1-5-32-544
+                Administrators group.
+  S-1-5-32-545
+                Users group.
+  S-1-5-32-546
+                Guests. By default, the only member is the Guest account. The
+                Guests group allows occasional or one-time users to log on with
+                limited privileges to a computer's built-in Guest account.
+  S-1-5-32-547
+                Power Users. Power users can create local users and groups;
+                modify and delete accounts that they have created; and remove
+                users from the Power Users, Users, and Guests groups. Power
+                users also can install programs; create, manage, and delete
+                local printers; and create and delete file shares.
+
+  http://msdn.microsoft.com/en-us/library/aa379649.aspx
+                Well-known SIDs
+  http://support.microsoft.com/kb/243330
+                Хорошо известные идентификаторы безопасности в операционных
+                системах Windows
+  http://en.wikipedia.org/wiki/Security_Identifier
+                Security Identifier
+
tips