« Command line windows » : différence entre les versions
De Banane Atomic
Aller à la navigationAller à la recherche
| Ligne 91 : | Ligne 91 : | ||
|- | |- | ||
| DT || SERVICE_PAUSE_CONTINUE | | DT || SERVICE_PAUSE_CONTINUE | ||
|- | |||
| DC || SERVICE_CHANGE_CONFIG (Change service configuration) | |||
|- | |- | ||
| AU || Authenticated Users | | AU || Authenticated Users | ||
Version du 7 février 2022 à 18:49
Users and groups
|
# list local users net user # display account information (groups of which he is a member) net user [username] # create an account net user /add [username] # it prompts the password # list local groups net localgroup # list the users of a group net localgroup [groupname] # add a user to a group net localgroup administrators [username] /add |
Access Control Lists
|
|
# save the DACLs of c:\folder\file.ext to c:\folder\acl.txt icacls c:\folder\file.ext /save c:\folder\acl.txt # restore the DACLs of c:\folder\file.ext from c:\folder\acl.txt icacls c:\folder\file.ext /restore c:\folder\acl.txt # grant to User1 the Delete and Write DAC permissions to c:\folder\file.ext icacls c:\folder\file.ext /grant User1:(d,wdac) |
| Code | Description |
|---|---|
| F | Full access |
| M | Modify access |
| RX | Read and execute access |
| R | Read-only access |
| W | Write-only access |
Service Controller
|
|
# display the current permissions for MyService as an SDDL string sc sdshow MyService # set the permissions for MyService sc sdset MyService "D:(A;;...)(A;;RPWPCR;;;S-1-5-21-2133228432-2794320136-1823075350-1000)S:(...)" # get the SID of the current user whoami /user |
| Code | Description |
|---|---|
| S: | System Access Control List (SACL) |
| D: | Discretionary ACL (DACL) |
| A | Allow |
| D | Deny |
| CC | SERVICE_QUERY_CONFIG (request service settings) |
| LC | SERVICE_QUERY_STATUS (service status polling) |
| SW | SERVICE_ENUMERATE_DEPENDENTS |
| LO | SERVICE_INTERROGATE |
| CR | SERVICE_USER_DEFINED_CONTROL |
| RC | READ_CONTROL |
| RP | SERVICE_START |
| WP | SERVICE_STOP |
| DT | SERVICE_PAUSE_CONTINUE |
| DC | SERVICE_CHANGE_CONFIG (Change service configuration) |
| AU | Authenticated Users |
| BA | Built-in administrators |
| IU | Interactively logged-on user |
| SU | Service logon user |
| WD | Everyone |
