![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
|
Welcome to Vista Forums we are your forum for Windows Vista help and discussion. Whether you need help or just want to post an idea you have on Vista, this is the forum for you.
br> br> |
| |||||||
|
| | Thread Tools | Display Modes |
| | #1 (permalink) |
| Guest | Permissions on SUBST.EXE, ATTRIB.EXE, et al getting reset For some reason, my Vista Enterprise system has reset permissions on a number of EXEs in the windows system32 dir and now I have to elevate to execute attrib.exe and subst.exe. This isn't the case on my home Vista Ultimate PC. What's even weirder is that when the perms get screwed up the properties dialog for that file looks like you are editing a .PIF file. It has a whole bunch of extra tabs related to console stuff. The following EXEs are affected: C:\Windows\System32\at.exe C:\Windows\System32\attrib.exe C:\Windows\System32\cacls.exe C:\Windows\System32\debug.exe C:\Windows\System32\DRWATSON.EXE C:\Windows\System32\edlin.exe C:\Windows\System32\eventcreate.exe C:\Windows\System32\ftp.exe C:\Windows\System32\net.exe C:\Windows\System32\net1.exe C:\Windows\System32\netsh.exe C:\Windows\System32\reg.exe C:\Windows\System32\regedt32.exe C:\Windows\System32\regsvr32.exe C:\Windows\System32\runas.exe C:\Windows\System32\sc.exe C:\Windows\System32\subst.exe C:\Windows\System32\telnet.exe Their ACLs are: AccessToString : NT AUTHORITY\INTERACTIVE Allow ReadAndExecute, Synchronize NT AUTHORITY\SYSTEM Allow FullControl BUILTIN\Administrators Allow FullControl And they should be: AccessToString : NT AUTHORITY\SYSTEM Allow ReadAndExecute, Synchronize BUILTIN\Administrators Allow ReadAndExecute, Synchronize BUILTIN\Users Allow ReadAndExecute, Synchronize NT SERVICE\TrustedInstaller Allow FullControl What's annoying the hell out of me is that: 1) I can't add TrustedInstallers back to the ACLs list - it says it doesn't exist 2) I add back Users with ReadAndExecute and a few days later that entry has been stripped out (again) Anybody have any idea what is going on? I suspect either Group Policy or System File Protection but I'm not sure how to find out if that is what is causing this. -- Keith |
My System Specs![]() |
| | #2 (permalink) | ||||||||||||
| Guest | RE: Permissions on SUBST.EXE, ATTRIB.EXE, et al getting reset Could there be a group policy that is setting these permissions? Do you have some third-party security guide installed? TrustedInstaller doesn't exist. It is a service, not a user. You would need to use icacls to add it to an ACL. --- Your question may already be answered in Windows Vista Security: http://www.amazon.com/gp/product/047...otectyourwi-20 "Keith Hill" wrote:
| ||||||||||||
My System Specs![]() | |||||||||||||
|
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Users group can't run attrib.exe or subst.exe | Keith Hill [MVP] | Vista account administration | 2 | 09-28-2007 01:14 PM |
| Users can't run subst.exe or attrib.exe ?? | Keith Hill [MVP] | Vista file management | 0 | 09-26-2007 07:51 PM |
| Admin permissions reset | ScotWat | Vista account administration | 0 | 09-20-2007 02:46 AM |
| Reset Permissions | Mícheál | PowerShell | 1 | 08-30-2007 04:32 AM |
| NTFS Security Permissions (HOW TO RESET?) | Mike (Bryett Enterprise LTD) | Vista security | 4 | 06-14-2006 01:54 PM |
| Complimentary Industry Resources Vista Forums has joined forces with TradePub.com to offer you a new, exciting, and entirely free professional resource. Visit http://vistax64.tradepub.com today to browse our selection of complimentary Industry magazines, white papers, webinars, podcasts, and more across 34 industry sectors. No credit cards, coupons, or promo codes required. Try it today! |