Filtered articles: "SetACL"

Filtered articles: "SetACL"
Permissions on redirected folders - Use the scripting force

One of Profile Migrator’s new features in version 2.3 is the new licensing model for service providers and integrators. Coincidentally one of those recently reported an issue with Profile Migrator and redirected folders. During his tests the service provider relocated redirected folders while migrating profiles from Server 2003 to Server 2008. Unfortunately after logging on migrated users received an error message telling them that they had no access to their redirected data. So what happened?
holger's picture
Announcing SetACL Studio - The Power of SetACL in a Great UI

SetACL is well-known as a powerful and versatile tool for managing permissions in nearly all corners of the Windows operating system. In fact it is so powerful that the command-line options may be overwhelming at first. But, hey, power comes at a price, right?

Wrong. While it is nearly impossible to pack tons of features into a command-line program without the command line becoming complex, the same is not true for GUI applications.
helge's picture
Migrate user profiles to a new domain with Profile Migrator 1.1
Published by Holger Adam on 10/08/2010 | 2 Comments | 8,269 Views

Since the release of Profile Migrator 1.0 we have received a lot of positve feedback and feature suggestions. While we are working on adding support for profile migration from client computers in the next major release, the beta version of Profile Migrator 1.1 is out.
holger's picture
Free Script: User Profile Domain Migration with SetACL

When administrators migrate user accounts between domains, they typically re-ACL those server ressources users have access to. In plain English: they copy or move the permissions from the accounts of the old domain to the corresponding accounts of the new domain. There are various ways to do that. In this article, I present a simple way to re-ACL roaming user profiles.
helge's picture
Permissions: A Primer, or: DACL, SACL, Owner, SID and ACE Explained
Published by Helge Klein on 03/13/2009 | 5 Comments | 10,935 Views

Every object that can have an security descriptor (SD) is a securable object that may be protected by permissions. All named and several unnamed Windows objects are securable and can have SDs, although this is not widely known. There does not even exist a GUI for manipulating the SDs of many object types! Have you ever tried to kill a system process in Task Manager and got the message "Access denied"? This is due to the fact that this process' SD does not allow even administrators to kill the process. But it is, of course, possible, as an administrator, to obtain the necessary permissions, provided a GUI or some other tool is available.
helge's picture
How to Prevent Users from Changing Permissions on File Servers

On file servers in corporate environments one typically does not want users to change permissions, even on their own files. It might seem that it would be sufficient to simply grant change permissions instead of full control, but unfortunately that is not the case. The problem is that whenever a new file gets created, the user creating the file will be its owner. And owners can always change permissions, regardless of the contents of the DACL.
helge's picture

Most Viewed Posts
155,450 Views
Where is the Hosts File on Windows x64?
by Helge Klein (06/04/2009)
83,172 Views
Deleting a Local User Profile - Not as easy as one Might Assume
by Helge Klein (10/16/2008)
53,149 Views
Printer Driver Isolation in Windows 7 and Server 2008 R2
by Helge Klein (04/08/2009)
44,286 Views
How to Reduce the Size of Roaming Profiles
by Helge Klein (11/17/2008)
32,177 Views
Aufbau einer KMS Infrastruktur
by Thorsten Christoffers (03/19/2009)
sepago @ facebook sepago @ twitter sepago newsfeed