Jump to content

SetACL

From Simple English Wikipedia, the free encyclopedia

SetACL
Developer(s)Helge Klein
Stable release
3.0.6 / 7 September 2012
Repository
  • {{URL|example.com|optional display text}}
Engine
    Operating systemMicrosoft Windows
    TypeUtility software
    LicenseFreeware
    Websitehelgeklein.com/setacl

    SetACL is a freeware utility for manipulating security descriptors on Microsoft Windows.[1] It used to be available under the GNU Lesser General Public License (LGPL). It changed to a freeware license in version 3.0.0.0.

    Features[change]

    This list of features is taken from the product's web page.[2]

    • Supports the following object types on Windows 2000 and later
    • Manage permissions on local or remote systems in domains or workgroups.
    • Set multiple permissions for multiple users or groups in a single command.
    • Control how permissions are inherited.
    • List, backup and restore permissions.
    • All operations work on a single object or recursively on a directory or registry tree.
    • Set the owner to any user or group.
    • Unicode support.
    • Remove, replace or copy a user or group from an ACL.
    • Fast performance. This is due to time consuming steps only being performed only once. An example of a time consuming step is the recursing of a large file system.
    • Filter out object names not to be processed.

    Usage[change]

    To set 'change' permissions on the directory 'C:\angela' for user 'brian' in domain 'dom1': 

    SetACL.exe -on "C:\angela" -ot file -actn ace
           -ace "n:dom1\brian;p:change"

    Remove write and change permission sets from Desktop, replace with 'read and execute' permissions: 

    SetACL.exe -on "\\mycomputer\C$\Documents and Settings\username\Desktop" -ot file 
           -actn ace -ace "n:mycomputer\username;p:write,change;m:revoke"
           -ace "n:mycomputer\username;p:read_ex"

    An example of its use from AutoIt can be found here

    Short history[change]

    • March 2001 SetACL program 0.x development begins
    • December 2002 SetACL program 2.x development begins
    • April 2003 2.0 beta 1 released
    • July 2003 2.0 final released
    • September 2003 2.0.1.0 released - Remove, replace or copy all Access Control Entries (ACEs) belonging to users or groups of a specified domain.
    • January 2004 2.0.2 released - ActiveX support. can be used from any language that supports COM including AutoIt, Visual Basic, Perl, VBScript.
    • May 2008 2.0.3 released - 64-bit support
    • August 2010 2.1 released - Improved permission listing

    Notes[change]

    1. SetACL Documentation
    2. SetACL Windows permission management
    Retrieved from "https://wiki.nynox.solutions/index.php?title=SetACL&oldid=280527"