In addition to the access control list provided by the HiseCws.inf template, there is a file that "member server benchmark policy" protected.
File benchmark permission
% SystemDrive% / boot.ini administrators: full control
System: Fully control
% SystemDrive% / NTDetect.com administrators: full control
System: Fully control
% SystemDrive% / NTLDR Administrators: Fully Control
System: Fully control
% SystemDrive% / IO.SYS Administrators: Fully Control
System: Fully control
% SystemDrive% / Autoexec.bat Administrators: Fully Control
System: Fully control
Authenticated users: read and execute, list the folder content, read
% SystemDir% / Config Administrators: Fully controlled
System: Fully control
Authenticated users: read and execute, list the folder content, read
% Systemroot% / system32 / append.exe administrators: full control
% SystemRoot% / System32 / ARP.EXE Administrators: Fully Control
% Systemroot% / system32 / at.exe administrators: fully controlled
% Systemroot% / system32 / attrib.exe administrators: full control
% Systemroot% / system32 / cacls.exe administrators: full control
% Systemroot% / system32 / change.exe administrators: full control
% Systemroot% / system32 / chcp.com administratrs: full control
% Systemroot% / system32 / chglogon.exe administrators: full control
% Systemroot% / system32 / chgport.exe administrators: full control
% Systemroot% / system32 / chguser.exe administrators: full control
% Systemroot% / system32 / chkdsk.exe administrators: full control
% Systemroot% / system32 / chkntfs.exe administrators: full control
% Systemroot% / system32 / cipher.exe administrators: full control
% Systemroot% / system32 / cluster.exe administrators: full control
% Systemroot% / system32 / cmd.exe administrators: full control
% Systemroot% / system32 / compact.exe administrators: full control
% SystemRoot% / System32 / Command.com Administrators: Fully Control
% SystemRoot% / System32 / Convert.exe Administrators: Fully Control
% Systemroot% / system32 / cscript.exe administrators: full control
% SystemRoot% / System32 / Debug.exe Administrators: Fully Control% SystemRoot% / System32 / DFSCMD.EXE Administrators: Fully Control
% SystemRoot% / System32 / DiskComp.com Administrators: Fully Control
% Systemroot% / system32 / diskcopy.com administrators: Fully controlled
% Systemroot% / system32 / doskey.exe administrators: full control
% Systemroot% / system32 / edlin.exe administrators: full control
% SystemRoot% / System32 / EXE2BIN.EXE Administrators: Fully Control
% SystemRoot% / System32 / Expand.exe Administrators: Fully Control
% Systemroot% / system32 / fc.exe administrators: full control
% SystemRoot% / System32 / Find.exe Administrators: Fully Control
% SystemRoot% / System32 / FindStr.exe Administrators: Fully Control
% Systemroot% / system32 / finger.exe administrators: full control
% Systemroot% / system32 / forcedos.exe administrators: full control
% SystemRoot% / System32 / Format.com Administrators: Fully Control
% Systemroot% / system32 / ftp.exe administrators: full control
% Systemroot% / system32 / hostname.exe administrators: full control
% SystemRoot% / System32 / IisReSet.exe Administrators: Fully Control
% Systemroot% / system32 / ipconfig.exe administrators: full control
% Systemroot% / system32 / ipxroute.exe administrators: full control
% Systemroot% / system32 / label.exe administrators: full control
% Systemroot% / system32 / logoff.exe administrators: full control
% Systemroot% / system32 / lpq.exe administrators: full control
% Systemroot% / system32 / lpr.exe administrators: full control
% Systemroot% / system32 / makecab.exe administrators: full control
% SystemRoot% / System32 / Mem.exe Administrators: Fully Control
% Systemroot% / system32 / mmc.exe administrators: full control
% Systemroot% / system32 / mode.com administrators: full control
% Systemroot% / system32 / more.com administrators: full control
% Systemroot% / system32 / mountvol.exe administrators: Fully controlled% systemroot% / system32 / msg.exe administrators: full control
% SystemRoot% / System32 / NBTSTAT.EXE Administrators: Fully Control
% SystemRoot% / System32 / Net.exe Administrators: Fully Control
% Systemroot% / system32 / net1.exe administrators: full control
% Systemroot% / system32 / netsh.exe administrators: full control
% SystemRoot% / System32 / NetStat.exe Administrators: Fully Control
% Systemroot% / system32 / nslookup.exe administrators: full control
% SystemRoot% / System32 / NTBackup.exe Administrators: Fully Control
% SystemRoot% / System32 / NTSD.EXE Administrators: Fully Control
% SystemRoot% / System32 / Pathping.exe Administrators: Fully Control
% Systemroot% / system32 / ping.exe administrators: full control
% SystemRoot% / System32 / Print.exe Administrators: Fully Control
% Systemroot% / system32 / query.exe administrators: full control
% Systemroot% / system32 / rasdial.exe administrators: full control
% Systemroot% / system32 / rcp.exe administratrs: full control
% SystemRoot% / System32 / Recover.exe Administrators: Fully Control
% Systemroot% / system32 / regedit.exe administrators: full control
% Systemroot% / system32 / regedt32.exe administrators: full control
% Systemroot% / system32 / regini.exe administrators: full control
% Systemroot% / system32 / register.exe administrators: full control
% Systemroot% / system32 / regsvr32.exe administrators: full control
% SystemRoot% / System32 / Replace.exe Administrators: Fully Control
% Systemroot% / system32 / reset.exe administrators: full control
% Systemroot% / system32 / rexec.exe administrators: full control
% Systemroot% / system32 / route.exe administrators: full control
% Systemroot% / system32 / routemon.exe administrators: full control
% Systemroot% / system32 / router.exe administrators: full control
% SystemRoot% / System32 / RSH.EXE Administrators: Fully Control% SystemRoot% / System32 / Runas.exe Administrators: Fully Control
% SystemRoot% / System32 / Runonce.exe Administrators: Fully Control
% SystemRoot% / System32 / SECEDIT.EXE Administrators: Fully Control
% Systemroot% / system32 / setpwd.exe administrators: full control
% Systemroot% / system32 / shadow.exe administrators: full control
% Systemroot% / system32 / share.exe administrators: full control
% Systemroot% / system32 / snmp.exe administrators: full control
% SystemRoot% / System32 / SNMPTrap.exe Administrators: Fully Control
% SystemRoot% / System32 / Subst.exe Administrators: Fully Control
% Systemroot% / system32 / telnet.exe administrators: full control
% SystemRoot% / System32 / Termsrv.exe Administrators: Fully Control
% Systemroot% / system32 / tftp.exe administrators: full control
% SystemRoot% / System32 / TLNTADMIN.EXE Administrators: Fully Control
% SystemRoot% / System32 / TLNTSESS.EXE Administrators: Fully Control
% SystemRoot% / System32 / TLNTSVR.EXE Administrators: Fully Control
% Systemroot% / system32 / tracert.exe administrators: full control
% Systemroot% / system32 / tree.com administrators: Fully controlled
% Systemroot% / system32 / tsadmin.exe administrators: full control
% Systemroot% / system32 / tscon.exe administrators: full control
% Systemroot% / system32 / tsdiscon.exe administrators: full control
% Systemroot% / system32 / tskill.exe administrators: full control
% Systemroot% / system32 / tsprof.exe administrators: full control
% SystemRoot% / System32 / TSSHUTDN.EXE Administrators: Fully Control
% Systemroot% / system32 / usrmgr.com administrators: full control
% Systemroot% / system32 / wscript.exe administrators: full control
% Systemroot% / system32 / xcopy.exe administrators: full control
