June 3, 2020 at 8:59 am #232954ParticipantTopics: 1Replies: 0Points: 12Rank: Member
Normally I’m a unix guy, but all our enviorments clients runs Windows10 – so needed a little Powershell script. After beeing hit twice in hostingcenter with Malware – I talked with some guys – that talking about removing executeable bit in some folders. So thats the Why 🙂
OS: Windows10 Pro – 64Bit v.1909
My Script is quite simple – but getting stuck on a error:
## Changing permission on Folders $Acl = Get-Acl C:\Windows\Temp $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("AUTHORITY\SYSTEM","Execute","Allow") $Acl.RemoveAccessRule($AccessRule) $Acl | Set-Acl C:\Windows\Temp
When running this script – I’m just getting this error:
Exception calling "RemoveAccessRule" with "1" argument(s): "Some or all Identities could not be translated." At C:\Users\pbj\Powershell\update.ps1:14 char:1 + $Acl.RemoveAccessRule($AccessRule) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) , MethodInvocationException + FullyQualifiedErrorId : IdentityNotMappedException
And I do not get this problem – since I’ve tried following several guides etc online from these:
But unfortunably I’m not getting this to work – and properly have blinded myself with looking at it for some time!
Thanks in advance
June 3, 2020 at 1:08 pm #233038ParticipantTopics: 3Replies: 421Points: 1,479Rank: Community Hero
Read the error message and it will tell you exactly the problem. It can’t translate “some or all” of the identities. Your code is only referring to one identity. Try this instead.
## Changing permission on Folders $Acl = Get-Acl C:\Windows\Temp $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("NT AUTHORITY\SYSTEM","Execute","Allow") $Acl.RemoveAccessRule($AccessRule) $Acl | Set-Acl C:\Windows\Temp
Hope it helps.
- You must be logged in to reply to this topic.