aquasw
asked on
CACLS command
Please help ,
I encountered problems while using the CACLS command.
I am getting “Account Domain not found” while running this command on a share directory on remote server. I am the owner of this directory, the share is open for everyone with full permissions, the following users have full security permissions on this folder: administrator and userA I can not see userA. As follows:
C:\Program Files\Resource Kit>cacls v:\security\dir2
v:\security\dir2 BUILTIN\Administrators:(OI
<Account domain not found>(OI)(CI)F
Thanks
I encountered problems while using the CACLS command.
I am getting “Account Domain not found” while running this command on a share directory on remote server. I am the owner of this directory, the share is open for everyone with full permissions, the following users have full security permissions on this folder: administrator and userA I can not see userA. As follows:
C:\Program Files\Resource Kit>cacls v:\security\dir2
v:\security\dir2 BUILTIN\Administrators:(OI
<Account domain not found>(OI)(CI)F
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are seeing SID information in File ACL then it is showing the same issue that you were seeing with CACL's - which brings us full circle again.
Two things may be going on here then.
1. You are unable to resolve the account to the domain from the machine you are running CACL's on
2. The Folder has been permissioned for a user account that has been removed from the domain - this will leave you with just the SID behind - If you can add another account to the folder and CACL'/Fileacl resolves it to a user name then the deleted account is the most likely cause.
If you determine that the account has been deleted you can remove the sid from the folder ACL. There is one caveat though, if you work in an AD environment which was migrated from an NT4 domain with SID History then you should leave the sid in place - it will still be granting access to the resource.
Two things may be going on here then.
1. You are unable to resolve the account to the domain from the machine you are running CACL's on
2. The Folder has been permissioned for a user account that has been removed from the domain - this will leave you with just the SID behind - If you can add another account to the folder and CACL'/Fileacl resolves it to a user name then the deleted account is the most likely cause.
If you determine that the account has been deleted you can remove the sid from the folder ACL. There is one caveat though, if you work in an AD environment which was migrated from an NT4 domain with SID History then you should leave the sid in place - it will still be granting access to the resource.
ASKER