[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Retrieving acls from dir tree

Posted on 2007-10-04
14
Medium Priority
?
850 Views
Last Modified: 2008-01-09
I had a question answered a question for me on Experts Exchange by Sir Bounty ages OK and it works beautifuly. I wonder however if there is a way to modify it sligtly so that it only shows users with full control of a directory. The reason I ask is we have a share that power users have given standard users Full rights to a number of dir's where they shouldn't have and now I have to track them down :o(
I ran the string below and the file size produced is 55MB and it is too big for VBscript and Excel to work with.
Any help would be appreciated.
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do cacls "%a") >> C:\CaclsReport.log

In summary; can this string be modified to produce a report that ONLY displays accounts with FULL access to dir?

Thanks in advance

Stuart
0
Comment
Question by:stubar
  • 7
  • 7
14 Comments
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20012962
Try this:

@echo off
del c:\calcsreport.log 2>nul
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" | find "F*" | FIND /I /V "Administrators" | find /I /V "Everyone" ) >> C:\CaclsReport.log

That finds only lines with "F " in them which should (mainly at least) be those that end in F for full control.
It excludes lines that include Administrators or Everyone group by using the second two FIND commands.  Those can be removed if you wish..
Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20012965
Sorry that F* should be F followed by a space:

@echo off
del c:\calcsreport.log 2>nul
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" | find "F " | FIND /I /V "Administrators" | find /I /V "Everyone" ) >> C:\CaclsReport.log
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20012972
And actually if we use FINDSTR instead then we can make sure the F is on the end of the line in case you have any filenames containing an F and space after it... the F. means F followed by any character as findstr doesn't seem to like matching the space and the /E means the lines ends with these characters...

@echo off
del c:\calcsreport.log 2>nul
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" | findstr /E "F." | FIND /I /V "Administrators" | find /I /V "Everyone" ) >> C:\CaclsReport.logback to top

Steve
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:stubar
ID: 20013010
Cheers Steve
That works :o)
If I wanted to add groups into the 'Please ignore this as well' would it be something like:
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" | find "F*" | FIND /I /V "Administrators" | find /I /V "Everyone" | FIND /I /V "COMops" ) >> C:\CaclsReport.log

COMops is a group name which reads as (HC\COMops)

Cheers

Stuart
0
 
LVL 43

Accepted Solution

by:
Steve Knight earned 1000 total points
ID: 20013028
Exactly... if there are lots of groups it could get a bit long but you should be alright with a small selection:

@echo off
del c:\calcsreport.log 2>nul
for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" | findstr /E "F." | FIND /I /V "Administrators" | find /I /V "Everyone " | FIND /I /V "COMops") >> C:\CaclsReport.log

That could technically lose a line that has the word Everyone, COMops or Administrators in the directory / filename for instance though.... if that is a problem you can do a search for BUILTIN\Administrators etc. for instance


Steve

0
 

Author Comment

by:stubar
ID: 20013062
Absolutely spot on perfect, thank you.
And I appreciate the comments on helping to understand it as well.

Thanks

Stuart
0
 

Author Comment

by:stubar
ID: 20013152
Sorry Steve

I've just run this on the server, TS running 2000, and this is the error I'm getting:
find: unable to access "/I": The system cannot find the file specified.
find: unable to access "/V": The system cannot find the file specified.
find: unable to access "Everyone ": The system cannot find the file specified.
find: unable to access "/I": The system cannot find the file specified.
find: unable to access "/V": The system cannot find the file specified.
find: unable to access "Administrators": The system cannot find the file specified.

If you don't put in the exceptions it works EG | find /I /V "Everyone "

Any thoughts?

Cheers

Stuart
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20013362
Can you post exactly wht you are typing please.  I assume you are running it as a batch file?  You haven't called the batch file something like find.bat etc. have you?

Steve
0
 

Author Comment

by:stubar
ID: 20013474
Thanks for getting back so fast Steve

I created a 'Test 2' test folder and then ran it straight from the command line.
So, for the puposes of the command line I was in
E:\Test 2>for /f %a in ('dir "E:\Test 2" /ad /b') do (for /r %a in (.) do @cacls "%a" | find "F " | FIND /I /V "Administrators" | find /I /V "Everyone" ) >> C:\CaclsReport.log
0
 

Author Comment

by:stubar
ID: 20013989
I should also mention that when tested on an XP machine it worked firn and did as was expected

0
 

Author Comment

by:stubar
ID: 20014158
After advice I have also placed carets before the pipes but it still didn't work :o(

for /f %a in ('dir "C:\pro lib" /ad /b') do (for /r %a in (.) do @cacls "%a" ^| findstr /E "F." ^| FIND /I /V "Administrators" ^| find /I /V "Everyone " ^| FIND /I /V "COMops") >> C:\CaclsReport.log

Although the error changed. It now outputs to the log but instead of the results expected it is the standard help as if there was an error in the code.

Thanks again in advance

Stuart
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20014919
Busy right now, sorry.  I'll take a look later on.

I tested it on Windows 2000 and all seemed OK for me, I'll try your commandline out. You shouldn't ned the ^ characters before the pipes.

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 20018106
Not available tomorrow, please remind me on Monday if this isn't sorted.

Steve
0
 

Author Comment

by:stubar
ID: 20020266
Thanks Steve, but don't worry about it.
Your line works fine everywhere else but where I actually need it, (typical!) so it's the box at fault not the code.

Thanks again for all your efforts and to everyone else as well.

Stuart
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Step by step guide to Clean and Sort your windows registry! Introduction: Always remember: A Clean registry = Better performance = Save your invaluable time In this article we're going to clear our registry manually! Yes, manually! The e…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses
Course of the Month18 days, 19 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question