Reg ACL

[Robert]

I am trying to reset our W2k DC registry permissions back
to their defaults. While checking an ACL, I came across a
group/user called "Restricted". Does anyone know what this
is and what it is used for?

 

[Steven L Umbach]

Hi Robert. The only reference I could find is that it is used in XP - "Used by a
process that is executing in a restricted security context" - page 57 in the
Microsoft Windows security Resource Kit. Possibly it was added to W2K in later
service packs. Also see link below on how to restore default settings using secedit.
You could use the example command and append /areas regkeys. --- Steve


http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222

 

[Dave Christiansen [MS]]

The Restricted SID limits what access can be granted other sids when someone
is accessing the object using a restricted token. This is a mechanism
designed to make it easier to run untrusted code safely.

For information about restricted tokens, start with
http://msdn.microsoft.com/library/d...en-us/security/security/restricted_tokens.asp

For information about other well-known sids, see
http://www.microsoft.com/windows200...chinfo/reskit/en-us/distrib/dsfe_sid_YOKV.asp


--
This message is provided "AS IS" with no warranties, and confers no rights.
This message originates in the State of Washington (USA), where unsolicited
commercial email is legally actionable (see
http://www.wa.gov/ago/junkemail).
Harvesting of this address for purposes of bulk email (including "spam") is
prohibited unless by my expressed prior request. I retaliate viciously
against spammers and spam sites.

 

[Guest]

Thanks for trying guys, but I am still baffled as to why
it is in the HKUsers and HKLM ACL's.