I've been trying to set ACE for my user group on some of the Windows service. For that purpose I use the tool subinacl.exe.
I want to configure my service with the 'MyServiceId' and define access rights for the group 'MyGroup': the group should be allowed to read the service configuration but not allowed to change it. Therefor my call: subinacl.exe
/service MyServiceId /grant=MyGroup=R /deny=MyGroup=W
The problem is that the two actions, grant and deny, are processed sequentially by subinacl and the last action (deny) overwrites the first one (grant)! Why? Is it possible to write both, grant and deny
entries to an ACL of a service?
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.