|
|
SUBINACL.exe (Resource kit)
Download
Latest update (2004)
Display or modify Access Control
Entries (ACEs) for file and folder Permissions, Ownership and Domain.
Access Control Lists apply only to files stored on an NTFS formatted drive,
each ACL determines which users (or groups of users) can read or edit the file.
When a new file is created it normally inherits ACL's from the folder where
it was created.
Syntax SUBINACL [/noverbose] /object_type object_name [/action=parameter] Key object_type: service e.g. /service Messenger \\ServerName\Messenger keyreg e.g. /keyreg HKEY_CURRENT_USER\Software /keyreg \\Srv\HKEY_LOCAL_MACHINE\KeyPath file e.g. /file *.obj /file c:\test.txt /file \\ServerName\Share\Path subdirectories manipulate files in specified directory and all subdirectories object_name : This will vary according to the object_type - see the examples above action : setowner=owner will change the owner of the object e.g. /setowner=MyDomain\Administrators replace=SamName\OldAccount=DomainName\New_Account will replace all ACE (Audit and Permissions) in the object e.g. /replace=MyOldDomain\Finance=NEWDOM\Finance changedomain=OldDomainName=NewDomainName will replace all ACEs with a Sid from OldDomainName with the equivalent Sid found in NewSamServer e.g. /changedomain=MyOldDomain=NEWDOMAIN This option requires a trust relationship with the server containing the object.
Examples:
See subinacl /help for examples of changing a domain
"Whether a pretty woman grants or withholds her favours, she always
likes to be asked for them" - Ovid
(Ars Amatoria)
Related Commands:
ATTRIB - Display or change file attributes
PERMS - Show permissions for a user
FIXACLS - Restore default privs (Resource Kit supplement 2)
SHOWACL - Show file Access Control Lists (Windows 2000)
XCACLS - Display or modify Access Control Lists (ACLs)
for files and folders
Q245031 - Change Registry
Permissions from the command line
Q265360 - Change multiple
Subdirectory Permissions
Q288129 - Grant users
the right to manage services
Equivalent Linux BASH commands:
chmod - Change access permissions
chown - Change file owner and group