SD Edit
|
SD Edit allows you to modify the security descriptor present on a variety of securible objects on Windows NT. It is designed to expose the full functionality of security descriptors across all objects that have them. This tool is designed for experts that need precise control over security descriptors. Do not use this tool for modifications unless you understand exactly how the NT security system works.
Fully functional on Windows 2000 or later. Basic support for Windows NT 3.51 or later. Active Directory support currently requires at least Windows 2000; NT4 not working even with the Active Directory client. Note that versions of Windows prior to 2000 do not support auto-inheritance. No support for Win 9x/ME.
The standard security descriptor editor supplied by the OS is implemented in aclui.dll, and the opportunity to edit the security of various objects is spread throughout various programs and interfaces. However, SD Edit is a better security descriptor editor which gives you much greater control over aclui.dll in many ways. Also, SD Edit can access objects that there is no standard GUI for.
Command-line
sdeditg t <type> [tc <type class>] [n <name>] [cs {1 | 0}] [h <host>] [d <domain>] { [@file] ... } {<module> <module-option> <option-value> ...}
Normally, the only required options are a type and a name, plus the name of a remote host if a object on another computer is being opened.
The license of this software is Free, you can free download and free use this server utility software.