Annotation of mstools/samples/sidcln/readme.txt, revision 1.1.1.1
1.1 root 1: Sample: Demonstration of the Win32 Security API Functions
2:
3: Summary:
4:
5: The SIDCLN sample demonstrates some of the Win32 security
6: API functions, and provides a sample of how a utility could
7: be written that recovers on-disk resources remaining
8: allocated to deleted user accounts.
9:
10: More Information:
11:
12: The on-disk resources recovered are:
13:
14: Files that are still owned by accounts that have been
15: deleted are assigned ownership to the account logged on
16: when this sample is run.
17:
18: ACEs for deleted accounts are edited (deleted) out of
19: the ACLs of files to which the deleted accounts had been
20: granted authorizations (eg., Read access)
21:
22: It may be that running this sample as a utility has no
23: practical value in many environments, as the number of files
24: belonging to deleted user accounts will often be quite
25: small, and the number of bytes recovered on disk by editing
26: out ACEs for deleted accounts may well not be worth the time
27: it takes to run this sample. The time it takes to run this
28: sample may be quite significant when processing an entire
29: hard disk or partition
30:
31: Note: This sample is not a supported utility.
32:
33: TO RUN:
34:
35: You must log on using an account, such as Administrator,
36: that has the priviledges to take file ownership and edit
37: ACLs
38:
39: The ACL editing part of this sample can only be
40: excercised for files on a partition that has ACLs NT
41: processes: NTFS
42:
43: Typical test scenario: Create a user account or two, log on
44: as each of these accounts in turn, while logged on for each
45: account, go to an NTFS partition, create a couple of files
46: so the test accounts each own a few files, use the file
47: manager to edit permissions for those files so that each
48: test user has some authorities (e.g., Read) explicitly
49: granted for those files. Logon as Administrator, authorize
50: each test user to a few Administrator-owned files. Delete
51: the test accounts. Run the sample in the directories where
52: you put the files the test accounts owned or were authorized
53: to
unix.superglobalmegacorp.com
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to readme.txt CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [WindowsNT SDKs] / mstools / samples / sidcln