Then I came across another permission granting utility known as SetACL. It worked like a charm. So you can try using this utility is Subinacl fails.
You can download SetACL from http://helgeklein.com/download/
Here is an example to run SetACL to give registry permissions.
"SetACL.exe" -on "hkcr\Interface" -ot reg -actn setowner -ownr "n:Administrators"
"SetACL.exe" -on "hkcr\Interface" -ot reg -actn ace -ace "n:Users;p:full"
- Object name (-on): This is the path to the object SetACL should operate on (file/directory/registry key/network share/service/printer).
- Object type (-ot): What kind of object does the object name refer to: file or directory (file), registry key (reg), service (srv), printer (prn), network share (shr)?
- Action (-actn): What should SetACL do with the object specified?
A lot more details and description can be found at this awesome site: http://helgeklein.com/setacl/documentation/command-line-version-setacl-exe/
3 comments:
Did the registry key contain an asterisk (*) anywhere in it? I have run into this issue before with subinacl but SetAcl has no problem with asterisks.
http://bohemiantribe.blogspot.com/2007/11/subinacl-is-great-but.html
Yes, no problem with * in SetACL. worked fine.
Post a Comment