Session

Windows NTFS and registry ACL explained and managed

Is editing file or registry permissions still uncomfortable? Does it always work, or do you get errors when trying? How does inheritance work, and how do you view it in PowerShell? What are Windows privileges, and how do you use them to work around the ACL / security? What is a security descriptor or SDDL?

Have you ever been removed from the ACL of a directory on a file server or been asked to restore permissions that somehow got screwed up? Windows security has been pretty much unchanged since Windows NT4, yet there are still some mysteries to uncover around it. Managing permissions on NTFS volumes and the Windows Registry has gotten much easier thanks to PowerShell, but some principles behind terms like security descriptor, DACL, SACL and inheritance are still quite unknown. This session covers the basics of how Windows controls access to many resources and how you can manage and report on these access lists with PowerShell. It also explains the term “privilege” (something that you see in the output of whoami.exe) and how you can make use of privileges to manage your resources much more smoothly in Windows PowerShell or PowerShell 6. You will learn how to access literally any file, regardless of how the ACL is defined, and how to manage, migrate, back up and restore permissions with very short and simple PowerShell statements.

This session also talks about module design and when it is a good idea to switch from PowerShell to C#. The source code of the NTFSSecurity module is examined.

Raimund Andrée

PFE, Microsoft Germany
