https://blogs.technet.microsoft.com/kevinjustin/2017/11/08/schannel-event-logging/
FIPS regeidt
https://www.howtogeek.com/245859/why-you-shouldnt-enable-fips-compliant-encryption-on-windows/
https://port135.com/2018/11/24/schannel-the-internal-error-state-is-10013-solved/
잘못된 권한 올바르게 수정 하기
구차니즘 cmd로 하기
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant Everyone:(CI)(RX)
(폴더만 보기 권한)
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /remove "Everyone"
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant Everyone:(CI)(RX)
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant "Network Service:(OI)(CI)(RX)"
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant Administrators:(OI)(CI)F
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant System:(OI)(CI)F
icacls "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" /grant IUSR:(OI)(CI)F
명령어 찾는대 죽는줄 알았다 ㅋ
https://serverfault.com/questions/335625/icacls-granting-access-to-all-users-on-windows-7
수동 방법 예시
C:\Windows\System32>takeown /r /d y /f f:\backup
C:\Windows\System32>icacls f:\backup /t /grant Everyone:(OI)(CI)F
모든 권한
https://www.snoopybox.co.kr/1510
예전 방식은 안되더라 ㅠㅠ
https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/icacls
https://theitbros.com/using-icacls-to-list-folder-permissions-and-manage-files/ 폴더 권한 바꾸기
icacls test /grant Everyone:(CI)(M)
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test"
상태 확인
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /grant "Network Service:(CI)(M)"
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /grant "Everyone:D"
https://winaero.com/blog/enable-disable-inherited-permissions-windows-10/
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /inheritance:d
죽어라 삭제가 안되는대 명시적 부모에게 받은 사용권한 삭제 해야 한다.
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /remove "Everyone:(I)(OI)(CI)(RX)D"
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /remove "NT AUTHORITY\NETWORK SERVICE"
삭제 하는 방법
icacls "C:\ProgramData\Microsoft\Crypto\RSA\test" /grant:r "Everyone:D"
:r 강재 부여 방법
Everyone 삭제가 안됨 ㅎㅎ;;
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL" /t REG_DWORD /v EventLogging /d 7
https://blogs.msdn.microsoft.com/kaushal/2012/10/05/ssltls-alert-protocol-the-alert-codes/
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL" /t REG_DWORD /v EventLogging /d 0
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" /V "DefaultSecureProtocols" /T REG_DWORD /D 2560 /F
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" /V "DefaultSecureProtocols" /T REG_DWORD /D 2560 /F
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy" /t REG_DWORD /v Enabled /d 1
gpupdate /force
댓글
댓글 리스트-
작성자동우 작성자 본인 여부 작성자 작성시간 19.10.24 부모 상속문제 -_-;;
-
작성자동우 작성자 본인 여부 작성자 작성시간 19.10.24 https://www.dell.com/support/article/kr/ko/krbsd1/sln156352/windows%EC%9D%98-%ED%8C%8C%EC%9D%BC-%EB%B0%8F-%ED%8F%B4%EB%8D%94-%EA%B6%8C%ED%95%9C-%EC%9D%B4%ED%95%B4?lang=ko 명시적 상속변경
-
작성자동우 작성자 본인 여부 작성자 작성시간 19.10.24 https://winaero.com/blog/enable-disable-inherited-permissions-windows-10/
-
작성자동우 작성자 본인 여부 작성자 작성시간 19.10.24 https://www.sevenforums.com/performance-maintenance/312082-event-viewer-error-schannel.html
인터넷 익스플로 에러 같음 복원 초기화