troubleshooting Question

Convert SDDL changes to readable format

Avatar of jayrbarrios
jayrbarriosFlag for Singapore asked on
Windows Server 2008
6 Comments1 Solution3696 ViewsLast Modified:
It there any way to have this in a readable format? We need to generate a SDDL to a report for investigation purposes focusing on event id 4670. Thanks in advance.

Process:
      Process ID:      0x137c
      Process Name:      C:\Windows\explorer.exe

Permissions Change:
      Original Security Descriptor:      D:PAI(A;OICI;0x1201bf;;;S-1-5-21-1216582894-834684500-1334827815-316441)(A;OICIIO;FA;;;CO)(A;OICI;FA;;;SY)(A;OICI;FA;;;S-1-5-21-1216582894-834684500-1334827815-458061)
      New Security Descriptor:      D:PARAI(A;OICIIO;FA;;;CO)(A;OICI;FA;;;SY)(A;OICI;0x1201bf;;;S-1-5-21-1216582894-834684500-1334827815-316441)
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 6 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros