?
Solved

How to find where rights are inherited from in NTFS

Posted on 2007-11-29
3
Medium Priority
?
398 Views
Last Modified: 2010-04-21
Greetings,
I am trying to find a tool or a way to backtrack inherited rights in an NTFS structure.
Ex: I have a directoy structure like C:\ABC\123\DEF\456.
A group called Test has inherited rights in the 456 directory, but does not exist in the parent directories. So where did it inherit rights from?
Is it possible that it could have once existed in a parent directory and was removed? But if that was the case wouldn't the rights no longer show as inherited?
I once used a simple tool that was able to backtrack the inheritance of security through a directory structure, but I no longer have it and can't remember the name.
Any thoughts?

Thanks
Mark
0
Comment
Question by:mrlevesque
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 1400 total points
ID: 20376558
That folder probably was *moved* from another folder from which it inherited those permissions earlier on.
When a folder is moved within the same partition, the current ACL is kept, not inherited from the parent folder (which can lead to rather confusing results, as you've just noticed).
The tool I like best for security auditing is Somarsoft's DumpSec (http://www.systemtools.com/somarsoft); then there are Sysinternal's AccessEnum, AccessCheck, and ShareEnum (http://www.microsoft.com/technet/sysinternals/securityutilities.mspx?wt.svl=featured).
0
 
LVL 38

Assisted Solution

by:Shift-3
Shift-3 earned 600 total points
ID: 20377996
You can also right-click the file or folder, hit Properties, go to the Security tab, and click the Advanced button.  This will display where each permission was inherited from.  Any permissions which are explicit on the object will show <not inherited>.

This won't help in a situation where the object was moved and you want to know its original location.  You'd need to enable auditing to track that.
0
 

Author Closing Comment

by:mrlevesque
ID: 31411756
Thank-you both!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question