Skip navigation
Menu
End-User Platforms>Windows 7/8

JSI Tip 8741. How can I remove invalid domain SIDs from the my file system permissions?

Using the corrected version of SubInAcl, you can remove invalid domain SIDs from your file system permissions.

The syntax is:

subinacl /subdirectories <FileSystemObject> /cleandeletedsidsfrom=<NetBIOS_Domain_Name>

Example:

subinacl /subdirectories C:\*.* /cleandeletedsidsfrom=JSIINC

The default is to scan the entire security descriptor, but you can specify \[=dacl|sacl|owner|primarygroup|all\] after the domain name.

NOTE: If the owner SID is removed, it is replaced with the Administrators group. If the Primary Group is removed, it is replaced with the Users group.



Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019