Program to Convert SDDL Security Descriptors Into Human Readable Form?

Discussion in 'Security Software' started by Will, Mar 26, 2008.

  1. Will

    Will Guest

    Is there a utility that takes converts the very hard to read security
    descriptor format SDDL and converts it to a human readable format? For
    example, you can look at the DACL on the Windows Firewall service with the
    command:

    sc sdshow SharedAccess

    This gives the human unfriendly output (for example):

    D:(D;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;NU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;AU)(A;;CCLCSWLOCRRC;;;IU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)

    I would like to find a utility that I could feed the above string to as
    input and have it output a parsed and easier to understand version to the
    DACL.
     
    Will, Mar 26, 2008
    #1
    1. Advertisements

  2. Take a look at SDDLTranslate.exe - you can download it from
    http://tojo2000.com/blog/2006_08_01_tojo2000_archive.html
     
    Andrew Tucker [MSFT], Mar 27, 2008
    #2
    1. Advertisements

  3. Will

    Will Guest

    That is a good one, thank you.

    --
    Will

    Take a look at SDDLTranslate.exe - you can download it from
    http://tojo2000.com/blog/2006_08_01_tojo2000_archive.html
     
    Will, Mar 27, 2008
    #3
  4. see:
    http://blogs.dirteam.com/blogs/jorge/archive/2008/03/26/parsing-sddl-strings.aspx

    --

    Cheers,
    (HOPEFULLY THIS INFORMATION HELPS YOU!)

    # Jorge de Almeida Pinto # MVP Windows Server - Directory Services

    BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
    BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
     
    Jorge de Almeida Pinto [MVP - DS], Mar 27, 2008
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.