Security descriptor recipes

See also: all the recipes and the intro For a nicer introduction, please read my series of posts on security descriptors. Here are just the short recipes (partially overlapping with that series). # Privileges and SDDL http://msdn.microsoft.com/en-us/library/windows/desktop/aa379306%28v=vs.85%29.aspx # Changing ACLs from PowerShell http://technet.microsoft.com/en-us/magazine/2008.02.powershell.aspx # ACL/SDDL in .NET https://msdn.microsoft.com/en-us/library/ms229925%28v=vs.110%29.aspx # Control of permissions in PowerShell http://stackoverflow.com/questions/7690994/powershell-running-a-command-as-administrator…

0

Security descriptors, part3: raw descriptors and PowerShell

<< Part 2 In this part I’ll get to the manipulation of the security descriptors with PowerShell. I’ll deal with the code a bit differently than in the previous part: the whole code is attached as a file, and I show only the examples of the use and the highlights of the implementation in the…

0

Security descriptors, part 2: principals, SIDs and PowerShell

<< Part 1 Part 3 >> Now let’s get to the code examples. Dealing with the security descriptors requires dealing with the identities of users and groups (i.e. principals), and it’s a pain. In a lot of places they have to be represented as SIDs in either the binary or text format, and these conversions are…

0

Security descriptors, part 1: what they are, in simple words

Part 2 >> I’ve been dealing with the security descriptors recently. I’ve figured out for myself, what different concept around them mean, and wrote a few helper functions to deal with them in PowerShell. Now I want to do a brain-dump of it all, starting with the concepts, and the PowerShell examples will be forthcoming…

0