Error Code SeRestorePrivilege


Definition of Privileges codes.

SeRestorePrivilege Restore files and directories Required to perform restore operations. This privilege causes the system to grant all write access control to any file, regardless of the ACL specified for the file. Any access request other than write is still evaluated with the ACL. Additionally, this privilege enables you to set any valid user or group SID as the owner of a file. The following access rights are granted if this privilege is held: WRITE_DAC, WRITE_OWNER, ACCESS_SYSTEM_SECURITY, FILE_GENERIC_WRITE, FILE_ADD_FILE, FILE_ADD_SUBDIRECTORY, DELETE. With this privilege, the user can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories and determines which users can set any valid security principal as the owner of an object.


This code may be used in the following events / insertation strings:

Insertion Strings

Privileges Used for Access Check Privileges Privilege Used for Access Check Enabled Privileges Disabled Privileges User Right

Security Events

Event ID 4656 Event ID 4672 Event ID 4673 Event ID 4720 Event ID 4723 Event ID 4726 Event ID 4731 Event ID 4732 Event ID 4733 Event ID 4734 Event ID 4735 Event ID 4741 Event ID 4742 Event ID 4743 Event ID 4749 Event ID 4750 Event ID 4751 Event ID 4752 Event ID 4753 Event ID 4764 Event ID 4674 Event ID 4727 Event ID 4728 Event ID 4737 Event ID 4754 Event ID 4755 Event ID 4756 Event ID 4738 Event ID 4661 Event ID 4704 Event ID 4705 Event ID 4703