Solved

Using the command Cacls in BATCH

Posted on 2004-10-19
15
1,366 Views
Last Modified: 2008-01-09
I have a variable and this variable stands for a "main" directory
sometimes under the main directory are subdirectories
I use the command CALCS to see the rights of this main directory
The command CALCS also has a switch to show the rights of his subs

What i want to do:
First i want to check if the main directory has subdirectories
If it doesnt than command
"CACLS %variable%"
If the main directory has subdirectories
"CACLS /T %variable%
Now the real big problem I want that that output of the CACLS /T
Only will show the rights of the SUB directory if its different than the rights of the main directory.

Using Windows XP

Thanks Dan
0
Comment
Question by:Danny Kon
  • 6
  • 5
  • 3
  • +1
15 Comments
 
LVL 30

Expert Comment

by:SteveGTR
ID: 12346362
Is this the same as your other question?

http://www.experts-exchange.com/Operating_Systems/MSDOS/Q_21170838.html

Double points?
0
 
LVL 30

Expert Comment

by:SteveGTR
ID: 12347005
Just a couple of questions.

"CACLS %variable%"

What is %variable%? Is this going to be the main directory?

Why are we using the /T in this command:

"CACLS /T %variable%"

The help for cacls states:

/T Changes ACLs of specified files in the current directory and all subdirectories.

0
 
LVL 9

Expert Comment

by:gilbar
ID: 12347153
i use cacls for showing permissions too, the only way i know of to 'trim' the output like you're wanting would be to pipe the output to a .txt file  and 'trim' that output with a vbscript or such that would erase the a folder perms list if it had the same perms as the one above it ( and which had a 'child' name of the other folder) I was working on making such when my boss told me that she wanted the complete list.  
The Upshot is.... CACLS won't show you the difference between inherited perms and new perms.
0
 
LVL 30

Expert Comment

by:SteveGTR
ID: 12347838
Based on your previous question and my understanding of what I think you want I created this batch file:

@echo off

setlocal enabledelayedexpansion

echo Processing %cd%...

cacls . >output.dat

call :COMPRESS "%cd%" output.dat _main.dat

for /f "delims=" %%a in ('dir /s /b /ad 2^>NUL') do call :PROCESS "%%a"

for %%a in (_temp1, _temp2, _main) do if exist %%a.dat del %%a.dat >NUL

echo Results are in output.dat

goto :EOF

:PROCESS

echo Checking %~1...

cacls "%~1" >_temp1.dat

call :COMPRESS "%~1" _temp1.dat _temp2.dat

echo N|comp _main.dat _temp2.dat 2>NUL >NUL

if %ERRORLEVEL%==0 goto :EOF

type _temp1.dat >>output.dat

goto :EOF

:COMPRESS

call :GETLENGTH "%~1"

set /a len+=1

if exist "%~3" del "%~3" >NUL

for /f "delims=" %%a in ('type "%~2"') do call :WRITELINE "%%a" "%~3"

goto :EOF

:WRITELINE

set _t=%~1

set _t=!_t:~%len%!

if "%_t%"=="" goto :EOF

echo %_t%>>"%~2"

goto :EOF

:GETLENGTH

set _t=%~1

set /a len=0

:COUNT

if "!_t:~%len%!"=="" goto :EOF

set /a len+=1
goto :COUNT

Good Luck,
Steve
0
 
LVL 6

Author Comment

by:Danny Kon
ID: 12347907
SteveGTR

No its not the same question because i didnt know it was possible to use the command CACLS /T for showing the results
I read it same as you that its a command to change the ACL but if you do CALCS /T "c:\program files" it will show the persmission
for the main dir and all underneath sub dirs.

2nd question the %variable% is indeed a changing "main" directory

Dan
0
 
LVL 6

Author Comment

by:Danny Kon
ID: 12348160
SteveGTR

Impressive as allways, because I dont understand anything about this batch
I there a way to change this batch so that it takes the %variable%

Dan
0
 
LVL 9

Expert Comment

by:DrWarezz
ID: 12348427
yeah, if you type:
cd %variable%

At the START of the batch file, after the "setlocal ...." command.
And then run the batch file, it will process everything in that directory I believe. :)

[r.D]
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 9

Expert Comment

by:DrWarezz
ID: 12348492
Or, if you want to pass an argument to the program, use this:

@echo off
setlocal enabledelayedexpansion

if [%1]==[] (
   echo Usage: FileName.bat directory
   exit /b
)
if exist "%1" (
   cd %1
) ELSE (
   echo Specified directory: %1 could not be found.
   exit /b
)

:// And then the rest of the batch file ....


OR, if you want a prompt, use this:

@echo off
setlocal enabledelayedexpansion

echo.
set /p variable="Enter the directory to process: "

if "%variable%"=="" (
   echo You have not specified a directory.
   echo Will process the current directory by default.
   echo    Currect Directory: %cd%
   echo    ....
)

:// Then the rest of the batch file ....


HTH :)
[r.D]
0
 
LVL 9

Expert Comment

by:DrWarezz
ID: 12348534
Actually, that last block should be:

@echo off
setlocal enabledelayedexpansion

echo.
set /p variable="Enter the directory to process: "

if "%variable%"=="" (
   echo You have not specified a directory.
   echo Will process the current directory by default.
   echo    Currect Directory: %cd%
   echo    ....
   goto :loop0
)

if exist "%variable%" (
   cd %variable%
) ELSE (
   echo Specified directory: %variable% could not be found.
   exit /b
)

:loop0

:// Then the rest of the batch file ....



:)
0
 
LVL 30

Expert Comment

by:SteveGTR
ID: 12348595
I modified the code to accept a parameter. If no directory is passed then the current directory is assumes.

@echo off

setlocal enabledelayedexpansion

set RootDir=%~1

if "%RootDir%"=="" set RootDir=%cd%

echo Processing %RootDir%...

cacls . >output.dat

call :COMPRESS "%RootDir%" output.dat _main.dat

for /f "delims=" %%a in ('dir %RootDir% /s /b /ad 2^>NUL') do call :PROCESS "%%a"

for %%a in (_temp1, _temp2, _main) do if exist %%a.dat del %%a.dat >NUL

echo Results are in output.dat

goto :EOF

:PROCESS

echo Checking %~1...

cacls "%~1" >_temp1.dat

call :COMPRESS "%~1" _temp1.dat _temp2.dat

echo N|comp _main.dat _temp2.dat 2>NUL >NUL

if %ERRORLEVEL%==0 goto :EOF

type _temp1.dat >>output.dat

goto :EOF

:COMPRESS

call :GETLENGTH "%~1"

set /a len+=1

if exist "%~3" del "%~3" >NUL

for /f "delims=" %%a in ('type "%~2"') do call :WRITELINE "%%a" "%~3"

goto :EOF

:WRITELINE

set _t=%~1

set _t=!_t:~%len%!

if "%_t%"=="" goto :EOF

echo %_t%>>"%~2"

goto :EOF

:GETLENGTH

set _t=%~1

set /a len=0

:COUNT

if "!_t:~%len%!"=="" goto :EOF

set /a len+=1
goto :COUNT
0
 
LVL 6

Author Comment

by:Danny Kon
ID: 12352411
SteveGTR,

I tested the program and it allmost works perfect if I do "test.bat c:\windows" <-- test.bat = your program
than it works perfect but if i do the same with c:\program files or if i just run the program in c:\program files
it gives the following result

C:\Program Files>test
Processing C:\Program Files...
Checking C:\Program Files\Opera75\Program...
Het systeem kan het opgegeven bestand niet vinden. =                    "dutch for system can not find file specified"
Checking C:\WINDOWS\PROGRAM...
Het systeem kan het opgegeven bestand niet vinden.
Results are in output.dat

Dan
0
 
LVL 30

Expert Comment

by:SteveGTR
ID: 12354315
If you want to pass a directory with spaces, my code requires you to enclose it in double quotes. This is like when you want to copy a file or whatever using DOS commands. So you would say:

test "c:\program files"

The code has a bug in it that you discovered. Change this line:

for /f "delims=" %%a in ('dir %RootDir% /s /b /ad 2^>NUL') do call :PROCESS "%%a"

to:

for /f "delims=" %%a in ('dir "%RootDir%" /s /b /ad 2^>NUL') do call :PROCESS "%%a"


0
 
LVL 6

Author Comment

by:Danny Kon
ID: 12364233
SteveGTR,

I tested the program today and I still have 2 small problems

I had one directory and i dont know exacly anymore but it was something like
c:\program files\program\some!program
Your program take the ! out of the directory so it was not found

Also but i dont understand at all why is that it gave as the first line in the output.dat:
This program can only be used on a ntfs partition
The only reason i can think of is that at my work I have a D and C partition and D is formatted as FAT but I have to check programs on C thats also the reason I asked for the %variable%
So this program is started from an batch on D and I call your program as: call SteveGTR.CMD %variable%
Dan
0
 
LVL 30

Accepted Solution

by:
SteveGTR earned 500 total points
ID: 12366098
I made some changes to the program to correct some bugs. Also, the problem with the exclamation point stems from the setlocal enabledelayedexpansion. CMD appears to strip out the embedded exclamation points. I couldn't find a good work around for this. Here's the batch file:

@echo off

setlocal enabledelayedexpansion

set RootDir=%~1

if "%RootDir%"=="" set RootDir=%cd%

echo Processing %RootDir%...

cacls "%RootDir%" >output.dat

call :COMPRESS "%RootDir%" output.dat _main.dat

for /f "delims=" %%a in ('dir "%RootDir%" /s /b /ad 2^>NUL') do call :PROCESS "%%a"

for %%a in (_temp1, _temp2, _main) do if exist %%a.dat del %%a.dat >NUL

echo Results are in output.dat

goto :EOF

:PROCESS

echo Checking %~1...

cacls "%~1" >_temp1.dat

call :COMPRESS "%~1" _temp1.dat _temp2.dat

echo N|comp _main.dat _temp2.dat 2>NUL >NUL

if %ERRORLEVEL%==0 goto :EOF

type _temp1.dat >>output.dat

goto :EOF

:COMPRESS

call :GETLENGTH %~dpf1

set /a len+=1

if exist "%~3" del "%~3" >NUL

for /f "delims=" %%a in ('type "%~2"') do call :WRITELINE "%%a" "%~3"

goto :EOF

:WRITELINE

set _t=%~1

set _t=!_t:~%len%!

if "%_t%"=="" goto :EOF

echo %_t%>>"%~2"

goto :EOF

:GETLENGTH

set _t=%*

set /a len=0

:COUNT

if "!_t:~%len%!"=="" goto :EOF

set /a len+=1
goto :COUNT
0
 
LVL 6

Author Comment

by:Danny Kon
ID: 12367367
Steve,

Points not enough to tell you how happy I am with your solution.
Many many Thx

Dan
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of my most closely kept secrets is revealed in this discussion How to output text on the same line This question was recently posted in EE by Simon336697 (http://www.experts-exchange.com/Programming/Languages/Scripting/Shell/Batch/Q_2459…
Being a system administrator some time we require to do things remotely, one of them is installing software. Here I am going to tell you how to install software through wmic (Windows management instrument console). I am not at all saying that this i…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now