Remove SID with ICACLS

Posted by chris on Server Fault See other posts from Server Fault or by chris
Published on 2010-07-30T08:58:11Z Indexed on 2011/01/14 9:55 UTC
Read the original article Hit count: 412

Filed under:
|
|

I am trying to remove an obsolete SID (the account was apparently deleted).

I've tried to run the following on the server (win2003) and a client (win7):

icacls c:\path /remove *S-1-5-21-1883347182-1220252494-433279356-1095 /T

But I always get the output

Successfully processed 0 files; Failed processing 0 files

without it doing anything. How can I get it to work?

Update:

I've used AccessEnum to get the SID because icacls only says "No mapping between account names and security IDs was done." but doesn't show the sid.

The output from AccessEnum is:

"Path"  "Read"  "Write" "Deny"  
"c:\path"   "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..."    "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..."    ""  

© Server Fault or respective owner

Related posts about windows-server-2003

Related posts about security