This article has been removed.
The content of this blog can be searched by keyword.
Use the search window in the sidebar or at the top. Alternatively, please translate the original article using Google or other means.
Please find alternative content.
Remnants of articles that had been published
When hiding "Libraries" displayed in the left pane of Windows Explorer, I found an unknown account "S-1-5-21" in the permissions of the registry key "ShellFolder".
When I checked,
"Unknown account" was displayed because the profile corresponding to SID (S-1-5-21) does not exist.
Windows manages by giving a SID to the account, and internally manages it by giving a different SID even for the same account name.
Well, the main subject.
"S-1-5-21" given to an unknown account is a domain SID.
I decided to delete it, so I decided to delete it.
I will share the steps I have taken.
Location of Shell Folder
Searching with ShellFolder will hit in multiple places, but the target for this article is in the following hierarchy:Attempt to delete failed
When you try to delete "S-1-5-21", the following dialog is displayed.snap shot
Steps to delete unknown account
* Example of Windows 7 Pro 64-bit[Overall flow]
- Change the registry key owner to your account
- Set to "Full Control"
- Uncheck "Include inheritable permissions from this object's parent"
- Delete suspicious accounts
- End of procedure
Make a backup copy of your registry in case something goes wrong.
Permission
Display the right-click menu of the registry key ShellFolder and click "Permissions".Detailed settings
The access permission dialog is displayed. Click "Detailed settings".Change owner
- Select the Owner tab.
- Change the owner to your account.
- Uncheck "Replace owner of subcontainers and objects".
- Select your account listed in the Change Owner field and click Apply.
Addition-Detailed setting
- Open the [Permissions] tab and click [Add].
- Click Advanced from the user or group selection dialog.
Click Search
Full control
- Select your account from the search result list and click "OK".
- You will be returned to the user or group selection screen, so make sure that your account is displayed and click "OK".
- "Access permission entry" is displayed. Check "Allow" of "Full Control" and press "OK".
Ready to delete
- Go back to advanced security settings and confirm that your account has been added to "Permission Entry" with Full Control.
- Ready to delete.
By registering your account (currently logged in account) with full control permission, you can delete suspicious accounts.
Uncheck
- Access permission
- Include inheritable permissions from this object's parent
- Uncheck
Windows security
* Choosing to delete is dangerousReprinted full text of Windows security warning
Warning: If you continue, the inheritable permissions from the parent will no longer apply to this object.
- Convert the permissions that are inherited from the parent, to be added to this object as an explicit permission, [ add please click].
-Click Remove to remove the permissions inherited from the parent from this object.
-Click Cancel if you do not want to change the inheritance settings here.
End of procedure
- Select the suspicious account and click “Delete”.
- Click "OK".
- End of procedure
Afterword
2019/03/10The information provided is for Windows 7.
When I run it on Windows 10, it fails but I found PLAN-B.
Please read the related article for details.
If permission inheritance gets in the way, you can change the key one level higher.
Source: Permission inheritance
Windows 10 Pro October 2018 Update, v1809.17763.316
このサイトを検索 | Search this site