This method overload is equivalent to calling the GetAccessControl(AccessControlSections) method overload with the bitwise combination of the following flags: AccessControlSections.Access, AccessControlSections.Owner, and AccessControlSections.Group.
Various technical articles, IT-related tutorials, software information, and development journals
Tuesday, January 1, 2019
GetAccessControl won't get Registry key audit entries by default
For a recent Super User answer, I needed to manipulate Registry audit entries (SACLs) with PowerShell. After enabling SeSecurityPrivilege I was able to set audit rules just fine, which I checked by using the Registry Editor's permissions editor. But when I tried to use GetAuditRules on the result of GetAccessControl to check my work inside PowerShell, I saw that it always returned an empty list. This had me baffled until I looked at the documentation for GetAccessControl on Registry keys and saw that the zero-parameters overload doesn't request the SACL:
Labels:
windows
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment