Does someone know a tool that allows to delete orphaned SIDs on a fileserver without the need for any scripting?
Asked
Active
Viewed 1,686 times
1
-
3Hi. Welcome to Server Fault. We require posts to be in English. A Google translation would do. If you post the German as well someone will be able to correct any translation errors. – ChrisF Feb 29 '12 at 15:48
-
@SvenW I'm 85% certain this can be done with PowerShell, giving him a script would probably be as good as a tool... (and Thomas: Don't be afraid of scripting. Microsoft FINALLY gave you PowerShell - A scripting language that doesn't suck - You should use it as much as practical) – voretaq7 Feb 29 '12 at 16:20
-
You can use "SetACL -on D:\ -ot file -actn delorphanedsids" as described here https://helgeklein.com/blog/2012/07/finding-removing-orphaned-sids-in-file-permissions-or-busting-the-ghosts-built-into-windows-7/ You may have to download setacl from https://helgeklein.com/setacl/ – mosh Apr 16 '17 at 12:17
1 Answers
3
You could download SubInACL.
You can use the following format to clean out orpahned SID's
/cleandeletedsidsfrom=domain[=dacl|sacl|owner|primarygroup|all]
If you want this done automagically you can create a script, though I have never done so myself.