Gathering Security Descriptor Information Using Checked Version of Cacls.exe
ID: Q223006
|
The information in this article applies to:
-
Microsoft Windows NT Server version 4.0
SUMMARY
Administrators can use the Cacls.exe command-line tool to view and change access control lists (ACLs) on the security descriptors of file system objects.
The checked version of Cacls.exe provides an additional switch (/b) that includes command-line access to much more detailed information about the contents of the security descriptor.
MORE INFORMATION
The /b switch is used with a following number that specifies the type of additional information to provide.
| Cacls <filename> /b <#> |
Information provided |
|---|
| 1 |
Displays the SIDS for each user in the security descriptor |
| 2 |
Displays access masks for each entry |
| 4 |
Displays any returned errors |
| 8 |
Displays the location of any returned errors |
| 0x10 |
Provides verbose output |
| 0x20 |
Provides even more verbose output |
| 0x40 |
Enumerate object names |
| 0x80 |
Enumerate failures |
| 0x100 |
Enumerate starts and returns |
| 0x200 |
Enumerate extra data |
| 0x400 |
Show size allocation data |
| 0x800 |
Displays enumeration of files only |
Additional query words:
Keywords : kbtool
Version : winnt:4.0
Platform : winnt
Issue type : kbinfo