Hi guys,

Any one of please tell me how to use secedit and cacls.exe.

0 Comments   [ - ] Hide Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity


did try using -help option? google for the basic usage, you can find lots of examples.

If you are looking for a very specific question post it here..
Answered 04/27/2006 by: nvdpraveen
Orange Belt

Please log in to comment
The place to start to work with secedit is mmc.
Start your mmc and load the two security snap-ins.
Create a new template.
Define your needed rights within that template and save it. (Default path is windows\security\templates). The file will be saved as .inf.
Now convert your .inf into a .sdb file.
Right click the 'security configuration an analyse' snap-in and choose 'open database'.
Define a name and click open.
Then choose the appropriate .inf file and important: activate that little 'clean up' check box.
Your .sdb file is being saved in Documents and Settings\username\My Documents\Security\Database
If you like to test your .sdb file now, right click the 'security configuration and analyse' snap-in once again and choose 'configure now'.
To apply this newly created .sdb file to different machines, include it within an MSI:
Create a Custom Action which does the following:
[SystemFolder]secedit /configure /db yourfile /quiet

Hope that helps

Good luck

Answered 04/27/2006 by: rpfenninger
Second Degree Green Belt

Please log in to comment
Secedit I'm not too certain on, but I really do not recommend using cacls or even xcacls - both are extremely poor at NTFS propagation to existing child objects. Over the last year I've migrated the data off of over 40 Novell servers over to Windows file servers and had to find ways to redo all the old Novell permissioning using NTFS, and this involved alot of batch files and VB scripting, and I used a free utility called FILEACL that does what cacls and xcacls were supposed to do. The guy who made it provides adequate yet brief documentation that should enable you to get anything done with it that you might attempt with cacls or xcacls.
Answered 04/27/2006 by: fosteky
Purple Belt

Please log in to comment
Answered 04/27/2006 by: anitha_accen
Blue Belt

Please log in to comment