Remove SID with ICACLS
Posted
by
chris
on Server Fault
See other posts from Server Fault
or by chris
Published on 2010-07-30T08:58:11Z
Indexed on
2011/01/14
9:55 UTC
Read the original article
Hit count: 406
I am trying to remove an obsolete SID (the account was apparently deleted).
I've tried to run the following on the server (win2003) and a client (win7):
icacls c:\path /remove *S-1-5-21-1883347182-1220252494-433279356-1095 /T
But I always get the output
Successfully processed 0 files; Failed processing 0 files
without it doing anything. How can I get it to work?
Update:
I've used AccessEnum to get the SID because icacls only says "No mapping between account names and security IDs was done." but doesn't show the sid.
The output from AccessEnum is:
"Path" "Read" "Write" "Deny"
"c:\path" "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..." "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..." ""
© Server Fault or respective owner