-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Just call it from the command line! The syntax ist:
grantprivilege.exe ACCOUNT-NAME RIGHT-OR-PRIVILEGE-NAME-OR-SHORTCUT
ACCOUNT-NAME --> name of target Windows account, for example DOMAIN\USER
RIGHT-OR-PRIVILEGE-NAME-OR-SHORTCUT --> string constant which defines which right or privilege to grant, see the following lists:
Shortcuts
sql --> SeLockMemoryPrivilege plus SeManageVolumePrivilege
Account Rights Constants
SeBatchLogonRight
SeDenyBatchLogonRight
SeDenyInteractiveLogonRight
SeDenyNetworkLogonRight
SeDenyRemoteInteractiveLogonRight
SeDenyServiceLogonRight
SeInteractiveLogonRight
SeNetworkLogonRight
SeRemoteInteractiveLogonRight
SeServiceLogonRight
Privilege Constants
SeAssignPrimaryTokenPrivilege --> Replace a process-level token
SeAuditPrivilege --> Generate security audits
SeBackupPrivilege --> Back up files and directories
SeChangeNotifyPrivilege --> Bypass traverse checking
SeCreateGlobalPrivilege --> Create global objects
SeCreatePagefilePrivilege --> Create a pagefile
SeCreatePermanentPrivilege --> Create permanent shared objects
SeCreateSymbolicLinkPrivilege --> Create symbolic links
SeCreateTokenPrivilege --> Create a token object
SeDebugPrivilege --> Debug programs
SeEnableDelegationPrivilege --> Enable computer and user accounts to be trusted for delegation
SeImpersonatePrivilege --> Impersonate a client after authentication
SeIncreaseBasePriorityPrivilege --> Increase scheduling priority
SeIncreaseQuotaPrivilege --> Adjust memory quotas for a process
SeIncreaseWorkingSetPrivilege --> Increase a process working set
SeLoadDriverPrivilege --> Load and unload device drivers
SeLockMemoryPrivilege --> Lock pages in memory
SeMachineAccountPrivilege --> Add workstations to domain
SeManageVolumePrivilege --> Manage the files on a volume
SeProfileSingleProcessPrivilege --> Profile single process
SeRelabelPrivilege --> Modify an object label
SeRemoteShutdownPrivilege --> Force shutdown from a remote system
SeRestorePrivilege --> Restore files and directories
SeSecurityPrivilege --> Manage auditing and security log
SeShutdownPrivilege --> Shut down the system
SeSyncAgentPrivilege --> Synchronize directory service data
SeSystemEnvironmentPrivilege --> Modify firmware environment values
SeSystemProfilePrivilege --> Profile system performance
SeSystemtimePrivilege --> Change the system time
SeTakeOwnershipPrivilege --> Take ownership of files or other objects
SeTcbPrivilege --> Act as part of the operating system
SeTimeZonePrivilege --> Change the time zone
SeTrustedCredManAccessPrivilege --> Access Credential Manager as a trusted caller
SeUndockPrivilege --> Remove computer from docking station
SeUnsolicitedInputPrivilege --> Required to read unsolicited input from a terminal device