Andrew Gardner
March 3rd 06, 10:34 PM
Is there a way to audit the ACL lists for a directory hierarchy for
problems? and
What is the best way to clean up any issues?
When opening the security tab on a random selection of directories, I'm
getting the warning message "The permissions on <dir_name> are incorrectly
ordered, which may cause some entries to be ineffective. Press OK to
continue and sort the permissions correctly, or Cancel to reset the
Permissions."
I did find kbid=322293, http://support.microsoft.com/?kbid=322293 describing
a similar known issue. However, the 2 systems on which I've seen this have
both been using XP Pro SP2 for a long time, and have a dll version later
than the quoted hotfix version in the kb article.
I don't recognize any pattern to the affected directories. Within a
directory, some subdirectories are affected, others have a good ACL list.
Date/time of creation doesn't seem to be relevant. I've seen the warning on
some old directories [created in 2003], and I've seen it for directories
created recently [pictures downloaded from camera].
Cancelling to reset the permissions, gives Everyone permission on the
directories ... which is definitely undesirable. Pressing the OK option,
generates a mixture of inherited and specific permissions which is even more
of a pain to manually tidy up.
Any suggestions on how to audit the ACL lists? and how to clean them up
would be appreciated.
Andrew
problems? and
What is the best way to clean up any issues?
When opening the security tab on a random selection of directories, I'm
getting the warning message "The permissions on <dir_name> are incorrectly
ordered, which may cause some entries to be ineffective. Press OK to
continue and sort the permissions correctly, or Cancel to reset the
Permissions."
I did find kbid=322293, http://support.microsoft.com/?kbid=322293 describing
a similar known issue. However, the 2 systems on which I've seen this have
both been using XP Pro SP2 for a long time, and have a dll version later
than the quoted hotfix version in the kb article.
I don't recognize any pattern to the affected directories. Within a
directory, some subdirectories are affected, others have a good ACL list.
Date/time of creation doesn't seem to be relevant. I've seen the warning on
some old directories [created in 2003], and I've seen it for directories
created recently [pictures downloaded from camera].
Cancelling to reset the permissions, gives Everyone permission on the
directories ... which is definitely undesirable. Pressing the OK option,
generates a mixture of inherited and specific permissions which is even more
of a pain to manually tidy up.
Any suggestions on how to audit the ACL lists? and how to clean them up
would be appreciated.
Andrew