Unable to read the security descriptor from service

Question

I unable to read security descriptor of a folder from service.

The folder is created by a Limited user. Administrators Group is Denied "Read and Execute" control. Limited user & System user has full access. I have an elevated token privileged for - "SE_SECURITY_NAME", "SE_BACKUP_NAME", "SE_RESTORE_NAME" and "SE_DEBUG_NAME".

GetNamedSecurityInfo fails with Error Code 5 (Access Denied).

Full marks for anybody that can even be remotely of help. Thanks in advance.

-- Varun

score 1 · Answer 1 · answered Jun 11 '12 at 15:49

1

One of the potential reason might be, that the privileges of the security descriptor of the token (which represents your service) has the needed privileges present but that these are not yet enabled.

answered Jun 11 '12 at 15:49

mox

6,084
2
23
35

Unable to read the security descriptor from service

1 Answers1