The accesschk CMD command is a Windows command line utility that is used to check the access rights of users and groups to files, folders, and registry keys. It is a powerful tool that can be used to audit the security of a system, and it is included in the Windows Resource Kit. The accesschk command is available in Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10, and Windows Server 2003, 2008, and 2012.
Syntax of the accesschk Command
The syntax of the accesschk command is as follows:
accesschk -u username -p permission object
Where:
- -u specifies the username of the user or group to be checked.
- -p specifies the permission to be checked.
- object specifies the object to be checked (file, folder, registry key).
Options of the accesschk Command
The accesschk command has several options that can be used to customize the output of the command. These options are as follows:
| -s | Displays the security descriptor of the object. |
| -v | Displays verbose output. |
| -e | Displays the effective access rights of the object. |
| -r | Displays the access rights of the object. |
| -w | Displays the access rights of the object that are writable. |
| -n | Displays the access rights of the object that are not writable. |
Examples of the accesschk Command
The accesschk command can be used to check the access rights of users and groups to files, folders, and registry keys. Here are some examples of how the command can be used:
Example 1: Check the Access Rights of a User to a File
To check the access rights of a user to a file, use the following command:
accesschk -u username -p permission file
Where:
- username is the username of the user to be checked.
- permission is the permission to be checked (e.g. read, write, execute).
- file is the path to the file to be checked.
Example 2: Check the Access Rights of a Group to a Folder
To check the access rights of a group to a folder, use the following command:
accesschk -u groupname -p permission folder
Where:
- groupname is the name of the group to be checked.
- permission is the permission to be checked (e.g. read, write, execute).
- folder is the path to the folder to be checked.
Example 3: Check the Access Rights of a User to a Registry Key
To check the access rights of a user to a registry key, use the following command:
accesschk -u username -p permission registrykey
Where:
- username is the username of the user to be checked.
- permission is the permission to be checked (e.g. read, write, execute).
- registrykey is the path to the registry key to be checked.
Conclusion
The accesschk CMD command is a powerful tool that can be used to audit the security of a system. It can be used to check the access rights of users and groups to files, folders, and registry keys. The command has several options that can be used to customize the output of the command. With the accesschk command, administrators can easily audit the security of their systems and ensure that users and groups have the appropriate access rights to the system’s resources.