0x6d69636b
commented
1 year ago What do you mean by doing/setting it via SID? What is the output of the command secedit /export /cfg $TempFileName /areas USER_RIGHTS (you have to set a real path for $TempFileName)?
I did a scan of a server against the BSI ND Machine baseline and in the scan result (CSV) for ID 279 (Increase scheduling priority), it shows only
BUILTIN\Administratorsas a result, despite theWindow Manager\Window Manager Groupalso being configured via its SID (S-1-5-90-0) which I got from here. I would expect that SID to show up in the "Result" column as well, which isn't the case. For other settings I use S-1-0-0 forNobodyand those settings get a pass too, so I'm not sure it is related to the fact I am using a SID here per se.Caveats: I'm not entirely convinced doing it via the SID is correct and the Windows Server language is German.