Posts

Showing posts from October, 2022

Find Windows PCs and Windows Servers that are not licensed or activated in the domain

Image
With the new version of our  server and network documentation tool  -  XIA Configuration Server , you will be able to quickly and easily detect Windows workstations and Windows servers that are not licensed or activated. Viewing the item displays information about the operating system including the activation status. The item view page Whilst our reporting section allows you to see the license and activation status of workstations and servers across the environment. The reporting interface For more information see the Windows machine page.

PowerShell Get-Acl displays an unknown FileSystemRights for certain folders, files, and drives when GENERIC_ALL or other generic rights exist in an ACE

Image
The Get-Acl PowerShell cmdlet is great for getting the NTFS permissions of folders, files, and drives however you may notice some strange behaviour with the FileSystemRights showing an numeric value rather than an enum. This can occur when GENERIC permissions such as GENERIC_READ, GENERIC_ALL, GENERIC_WRITE, or GENERIC_EXECUTE are in use. These permission can be seen in the definition of the access mask format https://learn.microsoft.com/en-us/windows/win32/secauthz/access-mask-format We came across this problem when writing an update for our  Network Documentation Tool XIA Configuration Server  please go ahead and take a look at our software. So what's the purpose of these?  Security descriptors are designed to be generic an applied to things like files, folders, drives, registry entries, Active Directory containers etc. etc. They therefore have generic overarching permissions and then object specific permissions. The problem is the generic permissions conflict (or at least combi