Orphaned UserNames on files/folders/etc. in NTFS drive
Day 1 On my windows 7 system, I had added my username as one of the names on the access control list.
Day x I reloaded/clean-load Windows 10 on my system
Day x+1 I have an orphaned guid within the access control list for many of my files.
Is there any tool or procedure whereby I can remove the orphaned guid/username from all of the ACLs on the drive?
My stupid mistakes makes you feel like a genius doesn't it? lolo
Day x I reloaded/clean-load Windows 10 on my system
Day x+1 I have an orphaned guid within the access control list for many of my files.
Is there any tool or procedure whereby I can remove the orphaned guid/username from all of the ACLs on the drive?
My stupid mistakes makes you feel like a genius doesn't it? lolo
Last Comment
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
In answer to your question, Yes.
Every object has a serialized number (including user accounts, user groups, processes, devices, etc.). The Access Control List keeps track of which serialized number can access another serialized number, and what permissions are set. Just think of everything having a serialized number, with permissions attached to them.
If you delete a user named FRED, his serialized number is deleted, and it is removed from the ACL. Effectively, FRED's serialized number is no longer associated with other devices and the permissions he had with those devices are also removed.
If you re-create a user name FRED, he will be assigned a new serialized number. The ACL will recognize this as a new number. Therefore, it will not re-establish any permissions which the deleted FRED account had.
Microsoft also has another built in program to interact with the ACL's, Called Cacls.exe
Which is already installed with the operating system.
Run it from an elevated CMD Prompt
This website gives a good overview of it:.
http://www.techrepublic.com/article/use-caclsexe-to-view-and-manage-windows-acls/
Every object has a serialized number (including user accounts, user groups, processes, devices, etc.). The Access Control List keeps track of which serialized number can access another serialized number, and what permissions are set. Just think of everything having a serialized number, with permissions attached to them.
If you delete a user named FRED, his serialized number is deleted, and it is removed from the ACL. Effectively, FRED's serialized number is no longer associated with other devices and the permissions he had with those devices are also removed.
If you re-create a user name FRED, he will be assigned a new serialized number. The ACL will recognize this as a new number. Therefore, it will not re-establish any permissions which the deleted FRED account had.
Microsoft also has another built in program to interact with the ACL's, Called Cacls.exe
Which is already installed with the operating system.
Run it from an elevated CMD Prompt
This website gives a good overview of it:.
http://www.techrepublic.com/article/use-caclsexe-to-view-and-manage-windows-acls/
ASKER
Thanks Wes. Just had to verify that the warning dialog was not an issue.
Deleting a user in account management does not remove him from any ACL.
ASKER
I misread the answer. You are ENTIRELY correct. Although what I thought Wes meant was just change the ownership of the folder tree on the drive . Doing so caused the orphaned guids in the ACL to be removed.
I am uncertain how to award you the points.
I am uncertain how to award you the points.
Above, at your first posting, there's a button "request attention" where you can ask for a moderator's help to change things.
OS Security
Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.
22K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
Will the deletion of the unwanted id's be recursive?
I believe there is a dialogue box that presents itself when it encounters one of these ids.
Let me check tonight and render a finally decision on your answer tomorrow....
Charlie