This security setting determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object.
Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:
Traverse Folder/Execute File
Write
Caution
Assigning this user right can be a security risk. Since users with this user right can overwrite registry settings, hide data, and gain ownership of system objects, only assign this user right to trusted users.
Policy path:
Computer Configuration\Windows Settings\Local Policies\User Rights Assignment
Default:
Workstations and servers: Administrators, Backup Operators.
Domain controllers: Administrators, Backup Operators, Server Operators.
Supported on:
At least Windows XP SP2, Windows Server 2003
Registry settings:
User Rights security settings are not registry keys
Reboot required:
No
Comments: