ABTokenTools

Some time ago already I had written a few utilities to manipulate Windows account security settings. I use them at work all the time because they are more flexible and easier to understand than the built-in GUI tools (and much much easier to use than the built-in CLI tools).

You can find them here: Download ABTokenTools

Source: https://github.com/ajbrehm/ABTokenTools

They are mostly simple wrappers for the Win32 API calls. Note that their output is not redirectable.

I only compiled them for x64, so if you want x86, ARM, MIPS or whatever, you have to compile the programs yourself or contact me.

 

They are, so far:

 

AccountRights

AccountRights someuser SeShutdownPrivilege

gives a user account the shutdown privilege (which allows that user to stop or reboot the computer).

AccountRights someuser SeShutdownPrivilege REMOVE

removes that same privilege from the user.

This works for all privileges and rights.

 

GetProcessOwner

GetProcessOwner 1000

often gets the privileges and owner of the process with id 1000.

 

LookupAccountName

LookupAccountName someuser

gets the SID (security identifier) for a user name.

 

LookupAccountSid

This does the same as LookupAccountName but vice versa, gets the user name for a SID.

 

Use them at your own discretion. I use them all the time and find them indispensible.

 © Andrew Brehm 2016