The strings are part of the Security Descriptor Definition Language
(available with W2K). For further information see the platform sdk (platform
sdk documentation/security/access control/access control reference/security
descriptor definition language). You may convert strings to security
descriptors and vice versa with the
ConvertStringSecurityDescriptorToSecurityDescriptor and
ConvertSecurityDescriptorToStringSecurityDescriptor calls. Use Win32::API to
call these functions.


Jens


-----Original Message-----
From: Perry Vessels [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 19, 2001 12:14 AM
To: [EMAIL PROTECTED];
'[EMAIL PROTECTED]'
Subject: Help Decoding Permissions Being Set


I'd like to write a script to decode the permissions being set through
various group policy files (e.g., basicdc.inf) and be able to compare them
to permissions already set (and be able to roll them back) on the same
registry elements.  I cannot find any documentation on what the actual
format is though, or if they are supported in any current modules.

Example from Basicdc.inf :
"MACHINE\SYSTEM\CurrentControlSet\Control\LSA",2,"D:P(A;CI;GR;;;AU)(A;CI;GR;;;SO)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)"
"MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl",2,"D:P(A;CI;GR;;;AU)(A;CI;GR;;;SO)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)"
"MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions",2,"D:P(A;CI;GR;;;AU)(A;CI;GR;;;SO)(A;CI;GA;;;BA)(A;CI;GA;;;SY)"
"MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",2,"D:P(A;CI;GA;;;BA)(A;CI;GR;;;BO)"
"MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Security",2,"D:P(A;CI;GR;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)"

Thanks in advance.
Perry

_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/perl-win32-admin
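
An added example, not part of either message: a pure-Perl decoder for the template entries quoted above, which splits each entry into key, mode and SDDL string and expands the DACL's ACEs into readable form so two permission sets can be compared. It parses the string directly rather than calling the Win32 conversion functions named in the reply; the lookup tables cover only the codes that appear in the quoted entries (plus the common inheritance flags), and the numeric mode field is printed undecoded.

```perl
use strict;
use warnings;    # uses the // operator, so Perl 5.10 or later

# SDDL codes seen in the quoted entries; anything else is printed as-is.
my %ACE_TYPE = (A => 'allow', D => 'deny');
my %ACE_FLAG = (CI => 'container-inherit', OI => 'object-inherit',
                NP => 'no-propagate', IO => 'inherit-only', ID => 'inherited');
my %RIGHT    = (GA => 'GENERIC_ALL', GR => 'GENERIC_READ',
                GW => 'GENERIC_WRITE', GX => 'GENERIC_EXECUTE');
my %SID      = (AU => 'Authenticated Users', SO => 'Server Operators',
                BA => 'BUILTIN\Administrators', SY => 'Local System',
                CO => 'Creator Owner', BO => 'Backup Operators');

# Expand a run of two-letter codes ("CIOI"); hex masks and SIDs pass through.
sub names {
    my ($codes, $table) = @_;
    return $codes unless $codes =~ /^(?:[A-Z]{2})+$/;
    return join '+', map { $table->{$_} // $_ } $codes =~ /(..)/g;
}

# Decode the D: (DACL) part of an SDDL string: (protected flag, list of ACEs).
sub decode_dacl {
    my ($sddl) = @_;
    my ($flags, $aces) = $sddl =~ /D:([A-Z]*)((?:\([^)]*\))*)/
        or die "no DACL in '$sddl'\n";
    my @out;
    for my $ace ($aces =~ /\(([^)]*)\)/g) {
        # ace_type;ace_flags;rights;object_guid;inherit_object_guid;account_sid
        my ($type, $aflags, $rights, undef, undef, $sid) = split /;/, $ace, -1;
        push @out, { type    => $ACE_TYPE{$type} // $type,
                     flags   => names($aflags, \%ACE_FLAG),
                     rights  => names($rights, \%RIGHT),
                     trustee => $SID{$sid} // $sid };
    }
    return ($flags =~ /P/ ? 1 : 0, @out);
}

# Constructed input: one entry from the message with the mail line wrap removed.
my $line = '"MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",'
         . '2,"D:P(A;CI;GA;;;BA)(A;CI;GR;;;BO)"';
my ($key, $mode, $sddl) = $line =~ /^"([^"]*)",(\d+),"([^"]*)"$/
    or die "unrecognised entry\n";
my ($protected, @aces) = decode_dacl($sddl);
print "$key (mode $mode, DACL ", ($protected ? 'protected' : 'inheriting'), ")\n";
printf "  %-5s %-24s %-13s %s\n", @{$_}{qw(type trustee rights flags)} for @aces;
```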