Security to folders

I’m looking for a way to see what folders a specific user has permission to access.
Active Directory shows what security groups a user belongs to by looking at the ‘member of’ tab but this doesn’t show any individual folders that the user has been given access to.

I found a piece of software called security explorer that will drill down and show any folder on any network drive that the user has permissions to but it comes at a price of $500. Before I ask for the company check book, I thought I would pose the question to see if anybody else had a solution (cheap or free would be wonderful!)
badams31Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

elbereth21Commented:
Hi,
a method I use frequently is to run a check on all shared folders on a server with Dumpacl: http://www.somarsoft.com/
It is free and really useful and easy to use.
0
kamichieCommented:
This is really bugging me, you do not need to pay $500 bucks for this functionality. I know vbscript can accomplish this pretty easily, I just can't seem to find a prewritten script for you.
0
Phil RineOwnerCommented:
You could simply go to the specific folder and right click on it a nd go to properties.  On the security tab you will see what groups and/or individuals have been given permission and what type of permission they have.  Of course you can manage all of this through group policy.
Phil
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

kamichieCommented:
I think this guy wants to be able to type in a username, and see which folders that user could access, read, write, or etc. This way he can verify he hasn't accidently given them permisiions to a folder they shouldn't have. I dont know how big his network is, but when you deal with over 1500 users and some 246 gigs of excel files, databases, and other crap it can get overwhelming. Espically if you work for one of these places that is constantly moving people from one project to another, blah, blah. My final point is if badams31 cant find a soultion from one of these posts, I bet I could slap together a script for him. Let me know, cause I'm not going to do it unless you absoultely can't find another solution.
0
Phil RineOwnerCommented:
kamichie...You make a very good point.  I wasn't considering the scope of his network and number of users.
Phil
0
badams31Author Commented:
Kamichie, you are right on as to what i want to do... a script would be PERFECT.
0
samb39Commented:
This would work, but it would be a bit messy

Open a command prompt window

CD to the root of the tree you want to search

execute this command:

cacls *.* /T > permissions.txt

The result appears in the file permissions.txt, and it looks like this:

---------------------------------------------------------------
E:\Documents and Settings\Sam\Desktop\temp1\New Folder SAMP4\Sam:F
                                                       SAMP4\Sam:(OI)(CI)(IO)F
                                                       NT AUTHORITY\SYSTEM:F
                                                       NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
                                                       BUILTIN\Administrators:F
                                                       BUILTIN\Administrators:(OI)(CI)(IO)F

E:\Documents and Settings\Sam\Desktop\temp1\New Text Document.txt SAMP4\Waldo:R
                                                                  SAMP4\Sam:F
                                                                  NT AUTHORITY\SYSTEM:F
                                                                  BUILTIN\Administrators:F

E:\Documents and Settings\Sam\Desktop\temp1\permissions.txt SAMP4\Sam:F
                                                            NT AUTHORITY\SYSTEM:F
                                                            BUILTIN\Administrators:F

E:\Documents and Settings\Sam\Desktop\temp1\New Folder\New Text Document.txt SAMP4\Waldo:R
                                                                             SAMP4\Sam:F
                                                                             NT AUTHORITY\SYSTEM:F
                                                                             BUILTIN\Administrators:F

----------------------------------------------------------------------------------------------------
Now all you have to do is find all occurrences of the name you want in that list, plus all other names that include that person (such as Everyone and Authenticated Users).  If it's a large list, I'd import it into Excel and use string functions to find them.


0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
enwhyseeCommented:
You could use the following tool from SysInternals:

"There's no built-in way to quickly view user accesses to a tree of directories or keys. AccessEnum gives you a full view of your file system and Registry security settings in seconds, making it the ideal tool for helping you for security holes and lock down permissions where necessary. "

http://www.sysinternals.com/Utilities/AccessEnum.html

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.