Solved

Can I use playfile with the newer tool ICACL? WHat would be the command?

Posted on 2016-11-08
12
63 Views
Last Modified: 2016-11-19
I had this question after viewing Newer Security translation tools alike subinacl for Windows 10.

Can I use playfile with the newer tool ICACL? WHat would be the command
0
Comment
Question by:creative555
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
You should be able to create something similar with /Save and /Restore options. It will only work for files, though.
0
 
LVL 18

Expert Comment

by:Peter Hutchison
Comment Utility
I use a new tool called Setacl.exe to replace Subinacl. You can get it from https://helgeklein.com/setacl/.
0
 

Author Comment

by:creative555
Comment Utility
Does setacl works with Win 10? I have subinacle fail on Cortana folder all the time.

Below is where I need to add target user permissions:

This is from  Subinacle log.
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009_Classes
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion
/replace=S-1-5-21-727705047-903972831-1544914777-2009=S-1-5-21-3776012894-3702078199-3568858750-2039
+keyreg HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3776012894-3702078199-3568858750-2039
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039=QSCEYLDA
+subdirectories C:\Users\luca.dellamore
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subdirectories C:\Users\luca.dellamore\*.*
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039

What command do you use with the setacle tool? Does it do files and registry?
0
 

Author Comment

by:creative555
Comment Utility
Actually, I have read the requirements for setacl and I didn't see Win 10 mentioned there. Did you test with Win 10 version?


System Requirements

SetACL works on all Windows NT based operating systems from Windows XP onwards. The newer, the better. This includes: Windows XP, Windows Server 2003 (R2), Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2, Windows 8, Windows Server 2012.
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Setacl works on win10.
Icacls does not work on folders, Qlemo? Here it does on folders but there are some effects that I find irregular, I will look into it again with more time.
0
 
LVL 68

Accepted Solution

by:
Qlemo earned 250 total points
Comment Utility
icacls works on folders, MäckMesser, at least I never heard anything different. Anyway, it does not work here as registry permission changes are required too.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
Comment Utility
Cool Emu, why call me McMesser? Election day humor?
Ok, right, it is about registry keys, but still, icacls works on folders, I used it with save and restore. But for the registry, he should look at setacls, right.
0
 

Author Comment

by:creative555
Comment Utility
thank you so much! So I should try icacls for folders with save and restore. But for the registry, I should look at setacls, right?

 I am new to scripting.  Could you pls suggest the command/switches that I should be running since you used these tools before.

thanks again.


I wonder if we are dealing with file locked for exclusive access when subinacle hangs...What do you think? How does those tools deal with locked files?
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
To be honest: don't ask for other to give you switches. Learn it. Don't rely on others in these matters. It is very easy and well-documented.
"Locked"? There's no indication of that. Could simply be a bug.
0
 

Author Comment

by:creative555
Comment Utility
good comment. Thank you so much! I will try out and let you know the resutls
0
 

Author Comment

by:creative555
Comment Utility
Still trying out. Will have the results today or tomorrow :)
0
 

Author Closing Comment

by:creative555
Comment Utility
thank you so much both! Yes. icacl worked!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now