如何验证域用户是否具有备份 (SeBackupPrivilege) 和恢复权限 (SerestorePrivilege)?我尝试将域用户添加到备份操作员组。但 Whoami /priv 命令输出显示域用户没有备份和恢复权限。
答案1
您可以使用 sysinternals 工具 访问检查。
您可以使用以下命令列出用户帐户的所有权限:
accesschk.exe "domain\user" -a *
以下是 Windows 10 上管理员的示例输出:
C:\Temp\AccessChk>accesschk.exe "domain\user" -a *
Accesschk v6.15 - Reports effective permissions for securable objects
Copyright (C) 2006-2022 Mark Russinovich
Sysinternals - www.sysinternals.com
Error enumerating account for the Netmon Users group:
The system cannot find the file specified.
SeSecurityPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeSystemtimePrivilege
SeShutdownPrivilege
SeRemoteShutdownPrivilege
SeTakeOwnershipPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeSystemProfilePrivilege
SeProfileSingleProcessPrivilege
SeIncreaseBasePriorityPrivilege
SeLoadDriverPrivilege
SeCreatePagefilePrivilege
SeIncreaseQuotaPrivilege
SeUndockPrivilege
SeManageVolumePrivilege
SeImpersonatePrivilege
SeCreateGlobalPrivilege
SeTimeZonePrivilege
SeCreateSymbolicLinkPrivilege
SeChangeNotifyPrivilege
SeDelegateSessionUserImpersonatePrivilege
SeInteractiveLogonRight
SeNetworkLogonRight
SeBatchLogonRight
SeRemoteInteractiveLogonRight