Solved

Can I use playfile with the newer tool ICACL? WHat would be the command?

Posted on 2016-11-08
12
99 Views
Last Modified: 2016-11-19
I had this question after viewing Newer Security translation tools alike subinacl for Windows 10.

Can I use playfile with the newer tool ICACL? WHat would be the command
0
Comment
Question by:creative555
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 69

Expert Comment

by:Qlemo
ID: 41879483
You should be able to create something similar with /Save and /Restore options. It will only work for files, though.
0
 
LVL 19

Expert Comment

by:Peter Hutchison
ID: 41879598
I use a new tool called Setacl.exe to replace Subinacl. You can get it from https://helgeklein.com/setacl/.
1
 

Author Comment

by:creative555
ID: 41879717
Does setacl works with Win 10? I have subinacle fail on Cortana folder all the time.

Below is where I need to add target user permissions:

This is from  Subinacle log.
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009_Classes
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subkeyreg HKEY_USERS\S-1-5-21-727705047-903972831-1544914777-2009_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion
/replace=S-1-5-21-727705047-903972831-1544914777-2009=S-1-5-21-3776012894-3702078199-3568858750-2039
+keyreg HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3776012894-3702078199-3568858750-2039
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039=QSCEYLDA
+subdirectories C:\Users\luca.dellamore
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039
+subdirectories C:\Users\luca.dellamore\*.*
/grant=S-1-5-21-3776012894-3702078199-3568858750-2039

What command do you use with the setacle tool? Does it do files and registry?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:creative555
ID: 41879753
Actually, I have read the requirements for setacl and I didn't see Win 10 mentioned there. Did you test with Win 10 version?


System Requirements

SetACL works on all Windows NT based operating systems from Windows XP onwards. The newer, the better. This includes: Windows XP, Windows Server 2003 (R2), Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2, Windows 8, Windows Server 2012.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 41879988
Setacl works on win10.
Icacls does not work on folders, Qlemo? Here it does on folders but there are some effects that I find irregular, I will look into it again with more time.
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 250 total points
ID: 41880016
icacls works on folders, MäckMesser, at least I never heard anything different. Anyway, it does not work here as registry permission changes are required too.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 41880024
Cool Emu, why call me McMesser? Election day humor?
Ok, right, it is about registry keys, but still, icacls works on folders, I used it with save and restore. But for the registry, he should look at setacls, right.
0
 

Author Comment

by:creative555
ID: 41880918
thank you so much! So I should try icacls for folders with save and restore. But for the registry, I should look at setacls, right?

 I am new to scripting.  Could you pls suggest the command/switches that I should be running since you used these tools before.

thanks again.


I wonder if we are dealing with file locked for exclusive access when subinacle hangs...What do you think? How does those tools deal with locked files?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 41881042
To be honest: don't ask for other to give you switches. Learn it. Don't rely on others in these matters. It is very easy and well-documented.
"Locked"? There's no indication of that. Could simply be a bug.
0
 

Author Comment

by:creative555
ID: 41881237
good comment. Thank you so much! I will try out and let you know the resutls
0
 

Author Comment

by:creative555
ID: 41891896
Still trying out. Will have the results today or tomorrow :)
0
 

Author Closing Comment

by:creative555
ID: 41894400
thank you so much both! Yes. icacl worked!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question