Posted on 2013-06-10
Has anyone every run the AccessChk utility from Sys internals?
I am a bit perplexed by the findings?
I've run accesschk "domain users" across my H:\profile\desktop folder, and it returns lots of entries (i.e. indicating domain users can access my H:\profile\desktop folder".
It I run CACLS over the same folder, theres no entry for "domain users", so all I can imagine is CACLS is purely NTFS (directory) permissions, whereas accesschk is a cumulative of share/directory permissions?