baeke.info :: Main Page

About

You arrived at the weblog of Geert Baeke. I am the technology manager for a company called Xylos (Belgium). I mostly work with Microsoft technologies such as Windows, Active Directory, Exchange, Sharepoint, MSCS, and more. I am also actively busy with VMware's products, focussing on VMware ESX.

Sections

Tutorials

Twitter

follow GeertBaeke at http://twitter.com

XBOX 360

RSS Newsfeeds

Main Page RSS

Main Page

« December 15 | December 18 »

Friday, December 16

Use AccessEnum to enumerate and compare security

by rastix on Fri 16 Dec 2005 05:17 PM CET

Over at http://www.sysinternals.com, you can find the AccessEnum utility. It is a simple tool with which you enumerate the access rights of a folder or registry key. You can save the results to a textfile.

The nice feature is that you can compare the saved results to another scan. I used this feature to detect the changes made by the adprep /gprep procedure. After the compare, you can clearly see that the procedure grants rights on all policy folders to NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS.

Leave Comment | Permanent Link | Cosmos