SubInACL is a Microsoft utility which can be downloaded as part of Windows Resource Kits.
SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and
services, and transfer this information from user to user, from local or global group to group, and from domain to domain.
SubInACL’s help screen:
SubInAcl version 5.2.3790.1180
Each command line switch has its own help screen, which can be summoned using the command SUBINACL /help /switch
For example, SUBINACL /help /grant will call the following help screen:
Some examples of granting access permissions:
“D:\Departments\Marketing” and all of its subfolders, but not on the files:
SUBINACL /verbose=1 /printer “Color Laser” /grant=MYDOMAIN\Marketing=MP
SUBINACL /verbose=1 /service Spooler /grant=”Authenticated Users”=LQSTOP
To check permissions, remove the /grant switch: if no “action” is specified, the default /display is used.