icacls Problem, any Ideas ?

S

Schellhaas

Hello ppl,

i want to replace a SID on a Network Share, its an EMC Cellerra Fileserver.
The SID belongs to a non existent local Group of a Computer, and shall be
replaced with the Domain Admins.
Now the Problem is: i can see the SID when i do a icacls . /save blabla /t eg:
D:AI(A;;FA;;;S-1-5-21-843271493-14817-88053947-544)(A;ID;FA;;;S-1-5-21-3293502084-2983367093-3279364434-3974)(A;ID;FA;;;DA)
../\gempc.doc
its the first SID.
Now i can do a search fo my own SID by Number:
icacls . /findSID *S-1-5-21-3293502084-2983367093-3279364434-3974 /t
and it is found. now i do a search for the SID to be replaced:
icacls ./ /findSID *S-1-5-21-843271493-14817-88053947-544 /t
Es wurde keine Dateien mit übereinstimmender SID gefunden. <-- none is found

how can that be ? what do i do wrong ? my own SID is inherited, the other is
added explcitely

thanks for hints
 
K

Kerry Brown

Why not just delete the permissions for the unknown SID then create the new
permissions for Domain Admins? It seems like you're trying to do something
that is overly complicated to achieve a simple goal.
 
S

Schellhaas

Well i have those SIDs in various locations. Only the Share for users
homefolders has >700k folders alone. If i would know icacls could search and
replace this SID i would give icacls like 2 Days of work.....
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows XP Wierd profile problem 2
Admin Denied ! Again 2
SP2 DCOM COM+ Activation problem with Window 2000 1
Window 2003 Logon Problem after upgrading Window 2000 0
Logon problem - Profile locked - Temporary profile created 3
Re: Findstr problem within batch 5
EZbios writes to drive it was not installed on. 5
testdisk and findpart problem 8

Top