Neophyte
NeophyteScript for what its worth:
# Requires elevated privileges to run
Param (
[Parameter(Mandatory)]
[String]$SID # Provide the SID to be appended
)
# Function to update service permissions
Function Set-ServicePermissions {
Param(
[String]$SID
)
# Get all services
$services = Get-Service
foreach ($service in $services) {
Write-Host "[INFO]: Updating permissions for service: $($service.Name)" -ForegroundColor Cyan
Try {
# Get current security descriptor for the service
$currentSDDL = & (Get-Command "$($env:SystemRoot)\System32\sc.exe") @("sdshow", $service.Name)
# Append read access for the provided SID
$newSDDL = $currentSDDL + "(A;;CCLCSWLOCRRC;;;" + $SID + ")"
# Apply the updated security descriptor
& (Get-Command "$($env:SystemRoot)\System32\sc.exe") @("sdset", $service.Name, $newSDDL)
Write-Host "[INFO]: Successfully updated permissions for service: $($service.Name)" -ForegroundColor Green
}
Catch {
Write-Host "[ERROR]: Failed to update permissions for service: $($service.Name). Error: $_" -ForegroundColor Red
}
}
}
# Call the function to apply permissions to all services
Set-ServicePermissions -SID $SID
