Solved

Want the user names of all folders in all drives in a machine to a file. All security permission users.Of non shared folders.

Posted on 2008-09-30
30
240 Views
Last Modified: 2010-04-16
Hi,

Want the user names of all folders in all drives in a machine to a file. All security permission users.

All the shares in my file server are removed and have given shares only to people who have asked for. Now i have say 100 + folders in 5 + drives that are not shared and no one has come for it.
Now each folder when i go to Properties > Security can see a lot of user names. So need these user names into a file.So i can send them mails on they requiring it or can be deleted. So is there a way a scriopt runs on all folders that are not shared and gets the data as this.


Folder Name    Drive Name\Folder Name          Security permissions USer names.

Attached a sample script that does the exact and much more for folders that are shared. But in this case need for NON shares in all drives in the machine.

Regards
Sharath
SETLOCAL ENABLEDELAYEDEXPANSION
Set FieldDelimiter=,
Set ServerAccessCSV=C:\ShareNTFSPermissionsLog-%ComputerName%.CSV
 
ECHO "Folder Name"%FieldDelimiter%"UNC Path"%FieldDelimiter%"Local drive path"%FieldDelimiter%"Drive Letter"%FieldDelimiter%"Folder Size"%FieldDelimiter%"Number of Root folders"%FieldDelimiter%"Share permission"%FieldDelimiter%"Permission"%FieldDelimiter%"Security permission"%FieldDelimiter%"Permission">"%ServerAccessCSV%"
 
 
for /f "tokens=1 delims=:" %%a in ('rmtshare \\%ComputerName%^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND ":"') DO (
    set Share=%%a
    set Share=!Share:~0,-2!
    For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
 
    Set Comments=
    FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Remark"') DO Set Comments=%%c
 
 
    FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Path"') DO (
        Set SharePath=%%c
        Set FolderSeparator=
        For /l %%z in (1,1,100) DO (
            if "!SharePath:~-%%z,1!" == "\" Set FolderSeparator=Found
            if "!SharePath:~-%%z!" NEQ "\" IF NOT Defined FolderSeparator Set Folder=!SharePath:~-%%z!
        )
 
        Set SharePerm=
        FOR /f "Tokens=1 delims=: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i " : "') DO Set SharePerm=!SharePerm!#%%i#
        Set FirstAccount=
        for /f "tokens=*" %%d in ('cacls "%%c" ^| find ":" ^| find /v /i "Creator Owner" ^| FIND /v /i "BUILTIN" ^| FIND /v /i "NT AUTHORITY" ^| FIND /v /i "Special access"') do (
            Set FolderPerm=%%d
            Set FolderPerm=!FolderPerm:%%c =!
            for /f "tokens=1,2,* delims=:\" %%f in ('ECHO !FolderPerm!') do (
                Set Access=%%h
                Set Access=!Access:~-2!
                Set Access=!Access:~0,1!
                Set FolderSharePerm="%FieldDelimiter%"
                ECHO !SharePerm! | FIND /i "%%f\%%g"
                IF NOT ERRORLEVEL 1 FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%f\%%g"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j && Set SharePerm=!SharePerm:#%%f\%%g#=!
                IF !FolderSharePerm! == "%FieldDelimiter%" IF "!SharePerm!" NEQ "" (
                    FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
                        If /i "%%k" == "\Everyone" (
                            FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                        ) Else (
                            FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                        )
     
                        Set SharePerm=!SharePerm:#%%k#=!
                    )
                )
                FOR /f "Tokens=*" %%i in ('dir "\\%ComputerName%\!Share!" /ad /b ^| find /c /v ""') DO Set NoSubFolder=%%i
                FOR /f "Tokens=3 delims= " %%i in ('dir "\\%ComputerName%\!Share!" /s ^| find /i "file(s)"') DO Set FolderSize=%%i
                
                ECHO !FolderSharePerm!
                IF NOT DEFINED FirstAccount (
                    ECHO "!Folder!"%FieldDelimiter%"\\%ComputerName%\!Share!"%FieldDelimiter%"!Comments!"%FieldDelimiter%"!SharePath!"%FieldDelimiter%"!SharePath:~0,1!"%FieldDelimiter%"!FolderSize!"%FieldDelimiter%"!NoSubFolder!"%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                    SET FirstAccount=%%g
                ) ELSE (
                    ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                )
            )
        )
 
:AnotherShare
        IF "!SharePerm!" NEQ "" (
            FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
                If /i "%%k" == "\Everyone" (
                    FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                ) Else (
                    FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                )
 
                ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%""%FieldDelimiter%"">>"%ServerAccessCSV%"
                Set SharePerm=!SharePerm:#%%k#=!
                IF "!SharePerm!" NEQ "" goto :AnotherShare
            )
        )
    )
)

Open in new window

0
Comment
Question by:bsharath
  • 15
  • 11
  • 4
30 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 22605817
Question:  Why script this since windows' cacls.exe would output all this to a text file for you anyway....?
0
 
LVL 11

Author Comment

by:bsharath
ID: 22605861
Ok can you tell me how?
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 22606140
This would dump all of the permissions of the c drive to a file called list.txt

cacls c:\*.* /t > c:\list.txt

0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 11

Author Comment

by:bsharath
ID: 22606198
I get this


C:\>cacls D:\*.* /t > D:\list.txt
Access is denied.

C:\>cacls c:\*.* /t > D:\list.txt
The process cannot access the file because it is being used by another process.

C:\>cacls c:\*.* /t > c:\list.txt
The process cannot access the file because it is being used by another process.

Should i download "Cacls"
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 22606233
That would mean the user ID you are using does not have access to read the d:\   root directory.    

You should really run this with some admin rights.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22606304
Yes got it but this is too complicated. I need to run on drives which are 1 TB and more and doing this will dump results of all folders and files. Any way to get just the folders and only folders that are not shared. So i have less results to query on.

Each drive has 1 TB of data and each drive has 100 + folders. In which 50 + are shared. So a script if can query for just Non shared folders then i would have less results to query on...
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 22627111
Ohhh..   Then just use sysinternals Accessenum
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx

This will do what you want I think and lets you save out the list as a txt.  



0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22669487
Just root folders?
0
 
LVL 11

Author Comment

by:bsharath
ID: 22669572
Yes only root Folders in all drives in the machines.
In one case i want the report for all folders root folders within a folder.
Like
D:\Development
Within this i have 100+ folder which were shared before but now they are not shared.

Any report in this script in 2 cases. One is all root folder in all drives and another case all folders root in 1 folder.
Only folders that are not shared and security users alone.
If i can get the way you gave me some time ago for shared folders. If a nested group then even members of that groups too...
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22669649
OK. So you will specify a list of root folders to search?

D:\Development
D:\Production
E:\Sandbox
F:
0
 
LVL 11

Author Comment

by:bsharath
ID: 22669868
No...
The script has to scan any folder in the root of each drive that are not shared.
Any folder that's not shared has to be scanned
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22670557
So you specify the drive letter to search the root folders?

D:
E:
F:
0
 
LVL 11

Author Comment

by:bsharath
ID: 22670596
Ok i can specify.
0
 
LVL 21

Accepted Solution

by:
AmazingTech earned 500 total points
ID: 22670881
Give this a try and see if it produces what you want.
We can look at including the nested groups and members if it looks OK.

SETLOCAL ENABLEDELAYEDEXPANSION
Set RootFolderList=D:,E:,F:
Set FieldDelimiter=,
Set ServerAccessCSV=C:\NonSharedNTFSPermissionsLog-%ComputerName%.CSV
 
ECHO "Folder Name"%FieldDelimiter%"Local drive path"%FieldDelimiter%"Security permission"%FieldDelimiter%"Permission">"%ServerAccessCSV%"
 
 
:NextFolder
for /f "tokens=1,* delims=," %%a in ('ECHO !RootFolderList!') DO (
    Set RootFolderList=%%b
    for /f "tokens=*" %%c in ('dir /ad /b "%%a\"') DO (
        Set IsShared=
        for /f "tokens=1 delims=:" %%d in ('rmtshare \\%ComputerName%^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND ":"') DO (
            set Share=%%d
            set Share=!Share:~0,-2!
            For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
            FOR /f "tokens=1,*" %%e in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Path"') DO IF /I "%%f" == "%%a\%%c" SET IsShared=True
        )
        IF NOT Defined IsShared (
                Set FirstAccount=
                for /f "tokens=*" %%g in ('cacls "%%a\%%c" ^| find ":" ^| find /v /i "Creator Owner" ^| FIND /v /i "BUILTIN" ^| FIND /v /i "NT AUTHORITY" ^| FIND /v /i "Special access"') do (
                    Set FolderPerm=%%g
                    Set FolderPerm=!FolderPerm:%%a\%%c =!
                    for /f "tokens=1,2,* delims=:\" %%f in ('ECHO !FolderPerm!') do (
                        Set Access=%%h
                        Set Access=!Access:~-2!
                        Set Access=!Access:~0,1!
                        If /i "%%f" == "Everyone" (
                            Set FolderSharePerm=%%f
                            Set Access=%%g
                        ) Else (
                            Set FolderSharePerm=%%f\%%g                            
                        )
                    )
 
                    IF NOT DEFINED FirstAccount (
                        ECHO "%%c"%FieldDelimiter%"%%a\%%c"%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                        SET FirstAccount=!FolderSharePerm!
                    ) ELSE (
                        ECHO ""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                    )
                )
            )
        )
 
    )
 
)
IF DEFINED RootFolderList GOTO NextFolder

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 22671067
I get this

---------------------------
Windows Script Host
---------------------------
Script:      D:\AT Groups.vbs
Line:      3
Char:      20
Error:      Syntax error
Code:      800A03EA
Source:       Microsoft VBScript compilation error

---------------------------
OK  
---------------------------

If the code has D E & F and the drives are not available also i get an error.
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671105
DOS batch file
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671109
Modify the Set RootFolderList with valid available drives.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22671119
I have the line as this
Set RootFolderList=D:
Its a vista machine where i am checking and i think its not accepting D drive directly
0
 
LVL 11

Author Comment

by:bsharath
ID: 22671132
Sorry was trying it as a vbs now it gets me the results file.
But i queries the shared folders not nonshared folders.

I want it to query any folders in the drive that are not shared.
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671162
Should be non shared.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22671190
Does it need this file "Rmtshare"?
I put this file in the same drive where the script is and ran the script and the csv is blank without any results just the headers are created...
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671383
Yes RMTSHARE is required.

Is your root drive shared other than the administrative hidden share?

To view your shares Run:
RMTSHARE \\%ComputerName%
0
 
LVL 11

Author Comment

by:bsharath
ID: 22671426
I get this

D:\>RMTSHARE \\%ComputerName%

Share name   Resource                        Remark

-------------------------------------------------------------------------------
ADMIN$       C:\Windows                      Remote Admin
C$           C:\                             Default share
D$           D:\                             Default share
IPC$                                         Remote IPC
print$       C:\Windows\system32\spool\dr... Printer Drivers
Screen Shots C:\Screen Shots

ZipFilesprotected D:\ZipFilesprotected

The command completed successfully.


They are not shared and will not be. Only the administive share is enabled.
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671516
Can you post your batch file?
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22671556
You only have 2 shares on this computer.

Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected

So when you do D: all folders except ZipFilesProtected should show up in the CSV.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22675321
Yes you are right.. Other than ZipFilesprotected all the other folders has to come into the CSV
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 22675633
So that is what you want correct?

Give it a try on your server and see if you get the same results.
0
 
LVL 11

Author Comment

by:bsharath
ID: 22675730
Thank U AT worked perfect any help with the other posts...
0
 
LVL 11

Author Comment

by:bsharath
ID: 22694902
0
 
LVL 11

Author Comment

by:bsharath
ID: 22713787
AT any help with the above posts...
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have published numerous articles here at Experts Exchange that present programs/scripts written in a language called AutoHotkey. Each of those articles has a brief paragraph describing where to download the product and how to install it. I have al…
Deploying a Microsoft Access application in a Citrix environment is not difficult but takes a few steps. However, Citrix system people are often of little help, as they typically know next to nothing about Access. The script provided here will take …
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question