You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to run Get-NTFSAccess on a remote file and bypass the file's NTFS DACL.
Using an elevated terminal with an account that is in the Backup Operators local group, I can use Get-NTFSAccess on files that I have no effective permissions.
I want to do the same on files stored on a remote server accessed through a file share. The two computers are on the same domain and my user account is a member of the Backup Operators local groups on both computers.
I would like to run
Get-NTFSAccesson a remote file and bypass the file's NTFS DACL.Using an elevated terminal with an account that is in the Backup Operators local group, I can use
Get-NTFSAccesson files that I have no effective permissions.I want to do the same on files stored on a remote server accessed through a file share. The two computers are on the same domain and my user account is a member of the Backup Operators local groups on both computers.
My understanding is that the SeBackupPrivilege is not enabled on the hosting computer unless the FILE_OPEN_FOR_BACKUP_INTENT flag is set in the SMB request.
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/e8fb45c1-a03d-44ca-b7ae-47385cfd7997
Has anyone successfully managed to set this flag and get Get-NTFSAccess to work in the aforementioned scenario?
The text was updated successfully, but these errors were encountered: