? D (delete)
? RC (read control)
? WDAC (write DAC)
? WO (write owner)
? S (synchronize)
? AS (access system security)
? MA (maximum allowed)
? GR (generic read)
? GW (generic write)
? GE (generic execute)
? GA (generic all)
? RD (read data/list directory)
? WD (write data/add file)
? AD (append data/add subdirectory)
? REA (read extended attributes)
? WEA (write extended attributes)
? X (execute/traverse)
? DC (delete child)
? RA (read attributes)
? WA (write attributes)
When working with directories, you may also assign inheritance rights to the security settings.
Inheritance rights apply to either simple or specific rights. Here??™s the list of inheritance rights.
? (OI) (object inherit)
? (CI) (container inherit)
? (IO) (inherit only)
? (NP) (don??™t propagate inherit)
/Deny SID:Permission Defines the specified user the rights defined by the combination of an
SID and associated permission. When the system adds the specified deny ACE, it also removes
any associated grant ACE that may appear in the user??™s list of rights. See the /Grant command
line switch for an explanation of permissions.
/Remove[:[g|d]] SID Removes all occurrences of the specific SID within an ACL.
Pages:
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976