Jump to content

icacls Problem, any Ideas ?

Guest Schellhaas

By Guest Schellhaas
in Techno Babble

 Share

Recommended Posts

Guest Schellhaas

Guest Schellhaas

Posted
Posted

Hello ppl,

 

i want to replace a SID on a Network Share, its an EMC Cellerra Fileserver.

The SID belongs to a non existent local Group of a Computer, and shall be

replaced with the Domain Admins.

Now the Problem is: i can see the SID when i do a icacls . /save blabla /t eg:

D:AI(A;;FA;;;S-1-5-21-843271493-14817-88053947-544)(A;ID;FA;;;S-1-5-21-3293502084-2983367093-3279364434-3974)(A;ID;FA;;;DA)

../\gempc.doc

its the first SID.

Now i can do a search fo my own SID by Number:

icacls . /findSID S-1-5-21-3293502084-2983367093-3279364434-3974 /t

and it is found. now i do a search for the SID to be replaced:

icacls ./ /findSID S-1-5-21-843271493-14817-88053947-544 /t

Es wurde keine Dateien mit übereinstimmender SID gefunden. <-- none is found

 

how can that be ? what do i do wrong ? my own SID is inherited, the other is

added explcitely

 

thanks for hints

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Kerry Brown

Guest Kerry Brown

Posted
Posted

Why not just delete the permissions for the unknown SID then create the new

permissions for Domain Admins? It seems like you're trying to do something

that is overly complicated to achieve a simple goal.

 

--

Kerry Brown

MS-MVP - Windows Desktop Experience: Systems Administration

http://www.vistahelp.ca/phpBB2/

http://vistahelpca.blogspot.com/

 

 

 

"Schellhaas" <Schellhaas@discussions.microsoft.com> wrote in message

news:044FE54D-A038-43F9-8D26-3D11E0D75E42@microsoft.com...<span style="color:blue">

> Hello ppl,

>

> i want to replace a SID on a Network Share, its an EMC Cellerra

> Fileserver.

> The SID belongs to a non existent local Group of a Computer, and shall be

> replaced with the Domain Admins.

> Now the Problem is: i can see the SID when i do a icacls . /save blabla /t

> eg:

> D:AI(A;;FA;;;S-1-5-21-843271493-14817-88053947-544)(A;ID;FA;;;S-1-5-21-3293502084-2983367093-3279364434-3974)(A;ID;FA;;;DA)

> ./gempc.doc

> its the first SID.

> Now i can do a search fo my own SID by Number:

> icacls . /findSID S-1-5-21-3293502084-2983367093-3279364434-3974 /t

> and it is found. now i do a search for the SID to be replaced:

> icacls ./ /findSID S-1-5-21-843271493-14817-88053947-544 /t

> Es wurde keine Dateien mit übereinstimmender SID gefunden. <-- none is

> found

>

> how can that be ? what do i do wrong ? my own SID is inherited, the other

> is

> added explcitely

>

> thanks for hints </span>

Guest Schellhaas

Guest Schellhaas

Posted
Posted

Well i have those SIDs in various locations. Only the Share for users

homefolders has >700k folders alone. If i would know icacls could search and

replace this SID i would give icacls like 2 Days of work.....

Guest Kerry Brown

Guest Kerry Brown

Posted
Posted

Subinacl may be able to do this.

 

http://www.microsoft.com/downloads/details...&displaylang=en

 

--

Kerry Brown

MS-MVP - Windows Desktop Experience: Systems Administration

http://www.vistahelp.ca/phpBB2/

http://vistahelpca.blogspot.com/

 

 

 

 

"Schellhaas" <Schellhaas@discussions.microsoft.com> wrote in message

news:3498B7A8-2F22-4314-8402-111879D308C5@microsoft.com...<span style="color:blue">

> Well i have those SIDs in various locations. Only the Share for users

> homefolders has >700k folders alone. If i would know icacls could search

> and

> replace this SID i would give icacls like 2 Days of work..... </span>

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...