home *** CD-ROM | disk | FTP | other *** search
- Security Functions
-
-
- SUMMARY
- =======
-
- The SIDCLN sample demonstrates some of the security functions. It
- provides a sample utility that recovers on-disk resources that remain
- allocated to deleted user accounts.
-
- MORE INFORMATION
- ================
-
- The on-disk resources recovered are:
-
- - Files that are still owned by accounts that have been deleted are
- assigned ownership to the account logged on when this sample is run.
-
- - ACEs for deleted accounts are deleted from the ACLs of files to which
- the deleted accounts had been granted authorizations (such as Read
- access).
-
- It may be that running this sample as a utility has no practical value in
- many environments, as the number of files belonging to deleted user accounts
- will often be quite small and the number of bytes recovered on disk by
- editing out ACEs for deleted accounts may not be worth the time it takes to
- run this sample. This time can be significant when processing an entire hard
- disk or partition.
-
- Note: This sample is not a supported utility.
-
- Usage
- -----
-
- You must log on using an account that has the privilege to take file
- ownership and edit ACLs, such as Administrator.
-
- The ACL editing part of this sample can only be exercised for files on an
- NTFS partition.
-
- Typical test scenario
- ---------------------
-
- Create a user account or two and log on as each of these accounts in turn.
- While logged on for each account, go to an NTFS partition and create a
- couple of files so the test accounts each own a few files. Use the File
- Manager or Windows Explorer to edit permissions for those files, so that
- each test user has some authorities (such as Read) explicitly granted for
- those files. Log on as Administrator and authorize each test user to a few
- Administrator-owned files. Delete the test accounts. Run the sample in the
- directories where you put the files that the test accounts own.
-
