| File name: | dsacls.exe.mui |
| Size: | 16384 byte |
| MD5: | 749af9c67572fc32ed9552d6d61ed66c |
| SHA1: | 9a954ea8d74b8306d66ab1f25a8f31317e32c329 |
| SHA256: | 0e13f7fa148698139ce0f99271a33582ea27700ba8c5b49bc7b0fdabfea602df |
| Operating systems: | Windows 10 |
| Extension: | MUI |
| In x64: | dsacls.exe DS 控制 ACLS 程式 (32 位元) |
If an error occurred or the following message in Chinese (Traditional) language and you cannot find a solution, than check answer in English. Table below helps to know how correctly this phrase sounds in English.
| id | Chinese (Traditional) | English |
|---|---|---|
| 1 | I | I |
| 2 | N | N |
| 4 | P | P |
| 8 | G | G |
| 16 | D | D |
| 32 | R | R |
| 64 | S | S |
| 128 | T | T |
| 256 | A | A |
| 512 | resetDefaultDACL | resetDefaultDACL |
| 1024 | resetDefaultSACL | resetDefaultSACL |
| 2048 | takeOwnership | takeOwnership |
| 4096 | domain | domain |
| 8002 | 命令成功完成 | The command completed successfully |
| 8003 | 命令無法成功完成。 | The command failed to complete successfully. |
| 8004 | 使用者/存取清單未接續在參數 %1 之後 | The parameter %1 was not followed by a user/access list |
| 8005 | 發生意外的參數 %1。 | Parameter %1 was unexpected. |
| 8006 | 存取清單: | Access list: |
| 8007 | 稽核清單: | Audit list: |
| 8008 | 擁有者: %1 | Owner: %1 |
| 8009 | 群組: %1 | Group: %1 |
| 8010 | {這個物件受到保護,不會繼承父系的權限} | {This object is protected from inheriting permissions from the parent} |
| 8011 | 繼承者: %1 | Inherit to: %1 |
| 8012 | 屬性: %1 | Property: %1 |
| 8013 | 基礎物件: | Base object: |
| 8014 | (%1)%0 | (%1)%0 |
| 8015 | %1:%0 | %1:%0 |
| 8016 | %1%0 | %1%0 |
| 8017 | 已處理項目 %1 | Processed entry %1 |
| 8019 | 子物件繼承的權限: | Permissions inherited to subobjects are: |
| 8020 | 所有子物件均繼承 | Inherited to all subobjects |
| 8021 | 由 %1 繼承 | Inherited to %1 |
| 8022 | 允許 | Allow |
| 8023 | 拒絕 | Deny |
| 8024 | ||
| 8025 | %2 的 %1 | %1 for %2 |
| 8026 | 特殊存取 | SPECIAL ACCESS |
| 8027 | 沒有存取控制項目 | THERE ARE NO ACCESS CONTROL ENTRIES |
| 8028 | 找不到 %1 的 SID | No Sid Found for %1 |
| 8029 | 找不到 %1 的 GUID | No GUID Found for %1 |
| 8030 | %1 是屬性或屬性集。有效的權限為 WP (寫入屬性)、RP (讀取屬性) 以及 CA (控制存取權限) | %1 is Property or Property Set. Valid Permissions are WP(Write Property), RP(Read Property) and CA(Control Access Right) |
| 8031 | %1 是延伸權限。唯一有效的權限為 CA (控制存取權限) | %1 is Extended Right. Only Valid Permission is CA(Control Access Right) |
| 8032 | %1 是驗證的寫入。唯一有效的權限為 WS (寫入本身物件) | %1 is Validated Write. Only Valid Permission is WS(Write To Self Object) |
| 8033 | %1 是物件類型。有效的權限為 CC (建立子系) 和 DC (刪除子系)。 | %1 is Object Type. Valid Permissons are CC(Create Child and DC(Delete Child). |
| 8034 | %1 已指定為繼承的物件類型。/I:S 必須存在。 | %1 is specified as Inherited Object Type. /I:S must be present. |
| 8035 | 成功 | Success |
| 8036 | 失敗 | Failure |
| 8037 | 全部 | All |
| 8038 | 物件路徑無效,請修正。 | Object path is not valid, please correct it. |
| 8039 | 指定的作業失敗,發生 LDAP 錯誤: %1 %2 。 |
Specified operation failed with ldap error: %1 %2 . |
| 8040 | 密碼: | Passwd: |
| 8041 | 您輸入的密碼無效。 |
You have entered an invalid password. |
| 8042 | 選項 /domain 必須和 /user 一起使用。 |
option /domain should be used with /user. |
| 8043 | 選項 /domain 已指定。無法進行簡單繫結。 |
option /domain is specified. Cannot do simple bind. |
| 8044 | 選項 /passwd 必須和 /user 一起使用。 |
option /passwd should be used with /user. |
| 8045 | 進行簡單繫結所需的 UserDN 遺失。 |
UserDN missing to do simple bind. |
| 8046 | 不詳 | Unknown |
| 8192 | user | user |
| 16384 | passwd | passwd |
| 32768 | simple | simple |
| 32769 | SD | SD |
| 32770 | RC | RC |
| 32771 | WD | WD |
| 32772 | WO | WO |
| 32773 | CC | CC |
| 32774 | DC | DC |
| 32775 | LC | LC |
| 32776 | WS | WS |
| 32777 | WP | WP |
| 32778 | RP | RP |
| 32779 | DT | DT |
| 32780 | LO | LO |
| 32786 | CA | CA |
| 32787 | GR | GR |
| 32788 | GE | GE |
| 32789 | GW | GW |
| 32790 | GA | GA |
| 32792 | DELETE | DELETE |
| 32793 | READ PERMISSONS | READ PERMISSONS |
| 32794 | WRITE PERMISSIONS | WRITE PERMISSIONS |
| 32795 | CHANGE OWNERSHIP | CHANGE OWNERSHIP |
| 32796 | CREATE CHILD | CREATE CHILD |
| 32797 | DELETE CHILD | DELETE CHILD |
| 32798 | LIST CONTENTS | LIST CONTENTS |
| 32799 | WRITE SELF | WRITE SELF |
| 32800 | WRITE PROPERTY | WRITE PROPERTY |
| 32801 | READ PROPERTY | READ PROPERTY |
| 32802 | DELETE TREE | DELETE TREE |
| 32803 | LIST OBJECT | LIST OBJECT |
| 32804 | READ | READ |
| 32805 | EXECUTE | EXECUTE |
| 32806 | WRITE | WRITE |
| 32807 | FULL CONTROL | FULL CONTROL |
| 32808 | CONTROL ACCESS | CONTROL ACCESS |
| 32809 | Y | Y |
| 0x2329 | 顯示或修改 Active Directory 網域服務 (AD DS) 物件的權限 (ACLS)DSACLS object [/I:TSP] [/N] [/P:YN] [/G : [...]] [/R [...]] [/D : [...]] [/S] [/T] [/A] [/resetDefaultDACL] [/resetDefaultSACL] [/takeOwnership] [/user:] [/passwd: | *] [/simple] object 所要顯示或用來操作 ACL 的 AD DS 物件之 路徑 路徑為 RFC 1779 名稱格式,例如 CN=John Doe,OU=Software,OU=Engineering,DC=Widget,DC=com 可以在物件的前面加上 \\\\server[:port]\\ 來表示特定的 AD DS,例如 \\\\ADSERVER\\CN=John Doe,OU=Software,OU=Engineering,DC=Widget,DC=US | Displays or modifies permissions (ACLS) of an Active Directory Domain Services (AD DS)ObjectDSACLS object [/I:TSP] [/N] [/P:YN] [/G : [...]] [/R [...]] [/D : [...]] [/S] [/T] [/A] [/resetDefaultDACL] [/resetDefaultSACL] [/takeOwnership] [/user:] [/passwd: | *] [/simple] object Path to the AD DS object for which to display or manipulate the ACLs Path is the RFC 1779 format of the name, as in CN=John Doe,OU=Software,OU=Engineering,DC=Widget,DC=com A specific AD DS can be denoted by prepending \\\\server[:port]\\ to the object, as in \\\\ADSERVER\\CN=John Doe,OU=Software,OU=Engineering,DC=Widget,DC=US |
| 0x232A | 無選項 顯示物件的安全性。 /I 繼承旗標: T: 這個物件和子物件 S: 只有子物件 P: 只在單一層級傳播可繼承的權限。 /N 取代物件目前的存取權,而不予以 編輯。 /P 將物件標示為受保護 Y: 是 N: 否 如果未顯示 /P 選項,則維持目前的 保護旗標。 /G : 將指定權限授與指定的群組 (或使用者)。 及 格式請見下方 /D : 拒絕指定群組 (或使用者) 的指定權限。 及 格式請見下方 /R 移除指定群組 (或使用者) 的所有權限。 格式請見下方 /S 將物件的安全性還原成 AD DS 結構描述中所定義的 該物件類別之預設值。這個選項會在 DSACLS 連結到 NTDS 時作用。若要還原 AD LDS 中的物件之預設 ACL, 請使用 /resetDefaultDACL 及 /resetDefaultSACL 選項。 /T 將物件樹狀結構的安全性還原成物件類別的 預設值。 這個切換參數只在與 /S 選項一起使用時才有效。 /A 顯示 AD DS 物件的安全性時, 也顯示稽核資訊以及權限和 擁有權資訊。 /resetDefaultDACL 將物件的 DACL 還原成 AD DS 結構描述中所定義的 該物件類別之預設值。 /resetDefaultSACL 將物件的 SACL 還原成 AD DS 結構描述中所定義的 該物件類別之預設值。 /takeOwnership 取得物件的擁有權。 /domain: 採用使用者的這個網域帳戶連接到 LDAP 伺服器。 /user: 採用這個使用者名稱連接到 LDAP 伺服器。 如果未使用這個選項,DSACLS 會使用 SSPI 以目前登入的使用者繫結。 /passwd: | * 使用者帳戶的密碼。 /simple 使用 LDAP 簡單繫結連結到伺服器。請注意, 會使用純文字密碼透過電傳傳送。 | no options displays the security on the object. /I Inheritance flags: T: This object and sub objects S: Sub objects only P: Propagate inheritable permissions one level only. /N Replaces the current access on the object, instead of editing it. /P Mark the object as protected Y:Yes N:No If /P option is not present, current protection flag is maintained. /G : Grant specified group (or user) specified permissions. See below for format of and /D : Deny specified group (or user) specified permissions. See below for format of and /R Remove all permissions for the specified group (or user). See below for format of /S Restore the security on the object to the default for that object class as defined in AD DS Schema. This option works when dsacls is bound to NTDS. To restore default ACL of an object in AD LDS use /resetDefaultDACL and /resetDefaultSACL options. /T Restore the security on the tree of objects to the default for the object class. This switch is valid only with the /S option. /A When displaying the security on an AD DS object, display the auditing information as well as the permissions and ownership information. /resetDefaultDACL Restore the DACL on the object to the default for that object class as defined in AD DS Schema. /resetDefaultSACL Restore the SACL on the object to the default for that object class as defined in AD DS Schema. /takeOwnership Take ownership of the object. /domain: Connect to ldap server using this domain account of the user. /user: Connect to ldap server using this user name. If this option is not used dsacls will bind as the currently logged on user, using SSPI. /passwd: | * Passwd for the user account. /simple Bind to server using ldap simple bind. Note that the clear text password will be sent over the wire. |
| 0x232B | 格式如下: group@domain 或 domain\\group user@domain 或 domain\\user 使用者或群組的 FQDN 字串 SID 格式如下: [權限位元];[物件/屬性];[繼承的物件類型] 權限位元可以包含一連串的下列各值: 一般權限 GR 一般讀取 GE 一般執行 GW 一般寫入 GA 一般所有權限 特定權限 SD 刪除 DT 刪除物件及其所有子系 RC 讀取安全性資訊 WD 變更安全性資訊 WO 變更擁有者資訊 LC 列出物件的子系 CC 建立子物件 DC 刪除子物件 有關這兩項權限,如果未指定 [物件/屬性] 來定義特定的子物件類型,這些權限會套用到 子物件的所有類型,否則只會套用到該項 特定子物件類型。 WS 寫入本身 (又稱為已驗證的寫入)。 有三種已驗證的寫入: 本身-成員資格 (bf9679c0-0de6-11d0-a285-00aa003049e2) 套用到群組物件。它允許透過在本身帳戶中新增/移除 的方式,更新群組的成員資格。 範例: (WS; bf9679c0-0de6-11d0-a285-00aa003049e2; AU) 套用到群組 X 並允許已驗證使用者將本身加入群組 X 或從群組 X 中移除,但不包括本身以外的其他人。 已驗證-DNS-主機-名稱 (72e39547-7b18-11d1-adef-00c04fd8d5cd) 套用到電腦物件。 它允許更新符合電腦名稱與 網域名稱的 DNS 主機名稱屬性。 已驗證-SPN (f3a64788-5306-11d1-a9c5-0000f80367c1) 套用到電腦物件: 它允許更新符合電腦 DNS 主機名稱的 SPN 屬性。 WP 寫入屬性 RP 讀取屬性 有關這兩項權限,如果未指定 [物件/屬性] 來定義特定的屬性,這些權限會套用到物件 的所有屬性,否則只會套用到物件的該項 特定屬性。 CA 控制存取權限 有關這項權限,如果未指定 [物件/屬性] 來定義控制存取的特定延伸權限,這項 權限會套用到對該物件有意義的所有控制 存取,否則只會套用到該物件的特定延伸 權限。 LO 列出物件存取。如果未將列出子系 (LC) 權限授與父系,可用來對特定物件授與 列出存取權限,而如果使用者/群組擁有 父系的 LC,則可拒絕特定物件,以隱藏 這些物件。 請注意: 根據預設,AD DS 不會強制執行 這項權限,必須經過設定,才會開始檢查 這項權限。 [物件/屬性] 必須是物件類型或屬性的顯示名稱。 例如,使用者物件的顯示名稱為 \"user\", 而電話號碼屬性的顯示名稱為 \"telephone number\"。 [繼承的物件類型] 必須是預期將繼承之權限的物件類型顯示名稱。 該權限必須是僅限繼承。 請注意: 只有在定義覆寫 AD DS 結構描述所定義之 物件類型預設權限的物件特定權限時,才能使用此選項。 務必小心使用此選項,而且務必確保您了解物件的 特定權限。 有效 的範例如下: SDRCWDWO;;user 意義: 刪除、讀取安全性資訊、變更安全性資訊以及 變更 \"user\" 物件類型的擁有者權限。 CCDC;group; 意義: 建立子系以及刪除子系建立/刪除 group 物件類型 的權限。 RPWP;telephonenumber; 意義: 對電話號碼屬性的讀取屬性權限以及寫入屬性 權限您可以在一個命令中指定多個使用者。 | should be in the following forms: group@domain or domain\\group user@domain or domain\\user FQDN of the user or group A string SID should be in the following form: [Permission bits];[Object/Property];[Inherited Object Type] Permission bits can have the following values concatenated together: Generic Permissions GR Generic Read GE Generic Execute GW Generic Write GA Generic All Specific Permissions SD Delete DT Delete an object and all of it's children RC Read security information WD Change security information WO Change owner information LC List the children of an object CC Create child object DC Delete a child object For these two permissions, if [Object/Property] is not specified to define a specific child object type, they apply all types of child objects otherwise they apply to that specific child object type. WS Write To Self (also known as Validated Write). There are 3 kinds of validated writes: Self-Membership (bf9679c0-0de6-11d0-a285-00aa003049e2) applied to Group object. It allows updating membership of a group in terms of adding/removing to its own account. Example: (WS; bf9679c0-0de6-11d0-a285-00aa003049e2; AU) applied to group X, allows an Authenticated User to add/remove oneself to/from group X, but not anybody else. Validated-DNS-Host-Name (72e39547-7b18-11d1-adef-00c04fd8d5cd) applied to computer object. It allows updating the DNS host name attribute that is compliant with the computer name & domain name. Validated-SPN (f3a64788-5306-11d1-a9c5-0000f80367c1) applied to computer object: It allows updating the SPN attribute that is compliant to the DNS host name of the computer. WP Write property RP Read property For these two permissions, if [Object/Property] is not specified to define a specific property, they apply to all properties of the object otherwise they apply to that specific property of the object. CA Control access right For this permission, if [Object/Property] is not specified to define the specific \"extended right\" for control access, it applies to all control accesses meaningful on the object, otherwise it applies to the specific extended right for that object. LO List the object access. Can be used to grant list access to a specific object if List Children (LC) is not granted to the parent as well can denied on specific objects to hide those objects if the user/group has LC on the parent. NOTE: AD DS does NOT enforce this permission by default, it has to be configured to start checking for this permission. [Object/Property] must be the display name of the object type or the property. for example \"user\" is the display name for user objects and \"telephone number\" is the display name for telephone number property. [Inherited Object Type] must be the display name of the object type that the permissions are expected to be inherited to. The permissions MUST be Inherit Only. NOTE: This must only be used when defining object specific permissions that override the default permissions defined in the AD DS schema for that object type. USE THIS WITH CAUTION and ONLY IF YOU UNDERSTAND object specific permissions. Examples of a valid would be: SDRCWDWO;;user means: Delete, Read security information, Change security information and Change ownership permissions on objects of type \"user\". CCDC;group; means: Create child and Delete child permissions to create/delete objects of type group. RPWP;telephonenumber; means: read property and write property permissions on telephone number propertyYou can specify more than one user in a command. |
| File Description: | DS 控制 ACLS 程式 |
| File Version: | 10.0.15063.0 (WinBuild.160101.0800) |
| Company Name: | Microsoft Corporation |
| Internal Name: | DSACLS |
| Legal Copyright: | © Microsoft Corporation. All rights reserved. |
| Original Filename: | DSACLS.EXE.MUI |
| Product Name: | Microsoft® Windows® Operating System |
| Product Version: | 10.0.15063.0 |
| Translation: | 0x404, 1200 |