If your company decided to wait on Vista, you may not have had opportunity to get into the core technology that Microsoft introduced in version 6 of its kernel which powers Vista, Win7, Server 2008 and Server 2008R2.  Integrity Levels (ILs) are a new and significant feature of the new kernel.

Here is a list of the tools that allow you to view and change Integrity Levels:

• whoami /groups – lists the integrity level of the instance of cmd.exe that the command is executed within.  Built into the operating system.
• icacls.exe /setintegritylevel – views and sets file integrity levels.  Built into the operating system.
• procexp.exe – shows integrity levels for any running process.

The following two tools were written by Mark Minasi for his book “Administering Windows Vista Security – The Big Surprises”  As usual his book leverages a light hearted style to get you through the core concepts – still an applicable read to Windows 7 if you didn’t get up to speed on Vista.

• chml.exe – allows detailed Integrity Level permissions settings and custom ILs on files.   – it is helpful for understanding ILs in depth.
• regil.exe – allows detailed Integrity Level permissions settings and custom ILs on registry keys. It was written by Mark Minasi for his book “Administering Vista Security – The Big Surprises”.

Download Process Explorer

Download Tools From Mark’s Book

   Buy this item from Amazon US
   Buy this item from Amazon CA
   Buy this item from Amazon UK
   Buy this item from Amazon DE
   Buy this item from Amazon FR
   Buy this item from Amazon JP