Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 246
  • Last Modified:

Want the user names of all folders in all drives in a machine to a file. All security permission users.Of non shared folders.

Hi,

Want the user names of all folders in all drives in a machine to a file. All security permission users.

All the shares in my file server are removed and have given shares only to people who have asked for. Now i have say 100 + folders in 5 + drives that are not shared and no one has come for it.
Now each folder when i go to Properties > Security can see a lot of user names. So need these user names into a file.So i can send them mails on they requiring it or can be deleted. So is there a way a scriopt runs on all folders that are not shared and gets the data as this.


Folder Name    Drive Name\Folder Name          Security permissions USer names.

Attached a sample script that does the exact and much more for folders that are shared. But in this case need for NON shares in all drives in the machine.

Regards
Sharath
SETLOCAL ENABLEDELAYEDEXPANSION
Set FieldDelimiter=,
Set ServerAccessCSV=C:\ShareNTFSPermissionsLog-%ComputerName%.CSV
 
ECHO "Folder Name"%FieldDelimiter%"UNC Path"%FieldDelimiter%"Local drive path"%FieldDelimiter%"Drive Letter"%FieldDelimiter%"Folder Size"%FieldDelimiter%"Number of Root folders"%FieldDelimiter%"Share permission"%FieldDelimiter%"Permission"%FieldDelimiter%"Security permission"%FieldDelimiter%"Permission">"%ServerAccessCSV%"
 
 
for /f "tokens=1 delims=:" %%a in ('rmtshare \\%ComputerName%^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND ":"') DO (
    set Share=%%a
    set Share=!Share:~0,-2!
    For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
 
    Set Comments=
    FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Remark"') DO Set Comments=%%c
 
 
    FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Path"') DO (
        Set SharePath=%%c
        Set FolderSeparator=
        For /l %%z in (1,1,100) DO (
            if "!SharePath:~-%%z,1!" == "\" Set FolderSeparator=Found
            if "!SharePath:~-%%z!" NEQ "\" IF NOT Defined FolderSeparator Set Folder=!SharePath:~-%%z!
        )
 
        Set SharePerm=
        FOR /f "Tokens=1 delims=: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i " : "') DO Set SharePerm=!SharePerm!#%%i#
        Set FirstAccount=
        for /f "tokens=*" %%d in ('cacls "%%c" ^| find ":" ^| find /v /i "Creator Owner" ^| FIND /v /i "BUILTIN" ^| FIND /v /i "NT AUTHORITY" ^| FIND /v /i "Special access"') do (
            Set FolderPerm=%%d
            Set FolderPerm=!FolderPerm:%%c =!
            for /f "tokens=1,2,* delims=:\" %%f in ('ECHO !FolderPerm!') do (
                Set Access=%%h
                Set Access=!Access:~-2!
                Set Access=!Access:~0,1!
                Set FolderSharePerm="%FieldDelimiter%"
                ECHO !SharePerm! | FIND /i "%%f\%%g"
                IF NOT ERRORLEVEL 1 FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%f\%%g"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j && Set SharePerm=!SharePerm:#%%f\%%g#=!
                IF !FolderSharePerm! == "%FieldDelimiter%" IF "!SharePerm!" NEQ "" (
                    FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
                        If /i "%%k" == "\Everyone" (
                            FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                        ) Else (
                            FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                        )
     
                        Set SharePerm=!SharePerm:#%%k#=!
                    )
                )
                FOR /f "Tokens=*" %%i in ('dir "\\%ComputerName%\!Share!" /ad /b ^| find /c /v ""') DO Set NoSubFolder=%%i
                FOR /f "Tokens=3 delims= " %%i in ('dir "\\%ComputerName%\!Share!" /s ^| find /i "file(s)"') DO Set FolderSize=%%i
                
                ECHO !FolderSharePerm!
                IF NOT DEFINED FirstAccount (
                    ECHO "!Folder!"%FieldDelimiter%"\\%ComputerName%\!Share!"%FieldDelimiter%"!Comments!"%FieldDelimiter%"!SharePath!"%FieldDelimiter%"!SharePath:~0,1!"%FieldDelimiter%"!FolderSize!"%FieldDelimiter%"!NoSubFolder!"%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                    SET FirstAccount=%%g
                ) ELSE (
                    ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                )
            )
        )
 
:AnotherShare
        IF "!SharePerm!" NEQ "" (
            FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
                If /i "%%k" == "\Everyone" (
                    FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                ) Else (
                    FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
                )
 
                ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%""%FieldDelimiter%"">>"%ServerAccessCSV%"
                Set SharePerm=!SharePerm:#%%k#=!
                IF "!SharePerm!" NEQ "" goto :AnotherShare
            )
        )
    )
)

Open in new window

0
bsharath
Asked:
bsharath
  • 15
  • 11
  • 4
1 Solution
 
MikeKaneCommented:
Question:  Why script this since windows' cacls.exe would output all this to a text file for you anyway....?
0
 
bsharathAuthor Commented:
Ok can you tell me how?
0
 
MikeKaneCommented:
This would dump all of the permissions of the c drive to a file called list.txt

cacls c:\*.* /t > c:\list.txt

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
bsharathAuthor Commented:
I get this


C:\>cacls D:\*.* /t > D:\list.txt
Access is denied.

C:\>cacls c:\*.* /t > D:\list.txt
The process cannot access the file because it is being used by another process.

C:\>cacls c:\*.* /t > c:\list.txt
The process cannot access the file because it is being used by another process.

Should i download "Cacls"
0
 
MikeKaneCommented:
That would mean the user ID you are using does not have access to read the d:\   root directory.    

You should really run this with some admin rights.
0
 
bsharathAuthor Commented:
Yes got it but this is too complicated. I need to run on drives which are 1 TB and more and doing this will dump results of all folders and files. Any way to get just the folders and only folders that are not shared. So i have less results to query on.

Each drive has 1 TB of data and each drive has 100 + folders. In which 50 + are shared. So a script if can query for just Non shared folders then i would have less results to query on...
0
 
MikeKaneCommented:
Ohhh..   Then just use sysinternals Accessenum
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx

This will do what you want I think and lets you save out the list as a txt.  



0
 
AmazingTechCommented:
Just root folders?
0
 
bsharathAuthor Commented:
Yes only root Folders in all drives in the machines.
In one case i want the report for all folders root folders within a folder.
Like
D:\Development
Within this i have 100+ folder which were shared before but now they are not shared.

Any report in this script in 2 cases. One is all root folder in all drives and another case all folders root in 1 folder.
Only folders that are not shared and security users alone.
If i can get the way you gave me some time ago for shared folders. If a nested group then even members of that groups too...
0
 
AmazingTechCommented:
OK. So you will specify a list of root folders to search?

D:\Development
D:\Production
E:\Sandbox
F:
0
 
bsharathAuthor Commented:
No...
The script has to scan any folder in the root of each drive that are not shared.
Any folder that's not shared has to be scanned
0
 
AmazingTechCommented:
So you specify the drive letter to search the root folders?

D:
E:
F:
0
 
bsharathAuthor Commented:
Ok i can specify.
0
 
AmazingTechCommented:
Give this a try and see if it produces what you want.
We can look at including the nested groups and members if it looks OK.

SETLOCAL ENABLEDELAYEDEXPANSION
Set RootFolderList=D:,E:,F:
Set FieldDelimiter=,
Set ServerAccessCSV=C:\NonSharedNTFSPermissionsLog-%ComputerName%.CSV
 
ECHO "Folder Name"%FieldDelimiter%"Local drive path"%FieldDelimiter%"Security permission"%FieldDelimiter%"Permission">"%ServerAccessCSV%"
 
 
:NextFolder
for /f "tokens=1,* delims=," %%a in ('ECHO !RootFolderList!') DO (
    Set RootFolderList=%%b
    for /f "tokens=*" %%c in ('dir /ad /b "%%a\"') DO (
        Set IsShared=
        for /f "tokens=1 delims=:" %%d in ('rmtshare \\%ComputerName%^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND ":"') DO (
            set Share=%%d
            set Share=!Share:~0,-2!
            For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
            FOR /f "tokens=1,*" %%e in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Path"') DO IF /I "%%f" == "%%a\%%c" SET IsShared=True
        )
        IF NOT Defined IsShared (
                Set FirstAccount=
                for /f "tokens=*" %%g in ('cacls "%%a\%%c" ^| find ":" ^| find /v /i "Creator Owner" ^| FIND /v /i "BUILTIN" ^| FIND /v /i "NT AUTHORITY" ^| FIND /v /i "Special access"') do (
                    Set FolderPerm=%%g
                    Set FolderPerm=!FolderPerm:%%a\%%c =!
                    for /f "tokens=1,2,* delims=:\" %%f in ('ECHO !FolderPerm!') do (
                        Set Access=%%h
                        Set Access=!Access:~-2!
                        Set Access=!Access:~0,1!
                        If /i "%%f" == "Everyone" (
                            Set FolderSharePerm=%%f
                            Set Access=%%g
                        ) Else (
                            Set FolderSharePerm=%%f\%%g                            
                        )
                    )
 
                    IF NOT DEFINED FirstAccount (
                        ECHO "%%c"%FieldDelimiter%"%%a\%%c"%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                        SET FirstAccount=!FolderSharePerm!
                    ) ELSE (
                        ECHO ""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
                    )
                )
            )
        )
 
    )
 
)
IF DEFINED RootFolderList GOTO NextFolder

Open in new window

0
 
bsharathAuthor Commented:
I get this

---------------------------
Windows Script Host
---------------------------
Script:      D:\AT Groups.vbs
Line:      3
Char:      20
Error:      Syntax error
Code:      800A03EA
Source:       Microsoft VBScript compilation error

---------------------------
OK  
---------------------------

If the code has D E & F and the drives are not available also i get an error.
0
 
AmazingTechCommented:
DOS batch file
0
 
AmazingTechCommented:
Modify the Set RootFolderList with valid available drives.
0
 
bsharathAuthor Commented:
I have the line as this
Set RootFolderList=D:
Its a vista machine where i am checking and i think its not accepting D drive directly
0
 
bsharathAuthor Commented:
Sorry was trying it as a vbs now it gets me the results file.
But i queries the shared folders not nonshared folders.

I want it to query any folders in the drive that are not shared.
0
 
AmazingTechCommented:
Should be non shared.
0
 
bsharathAuthor Commented:
Does it need this file "Rmtshare"?
I put this file in the same drive where the script is and ran the script and the csv is blank without any results just the headers are created...
0
 
AmazingTechCommented:
Yes RMTSHARE is required.

Is your root drive shared other than the administrative hidden share?

To view your shares Run:
RMTSHARE \\%ComputerName%
0
 
bsharathAuthor Commented:
I get this

D:\>RMTSHARE \\%ComputerName%

Share name   Resource                        Remark

-------------------------------------------------------------------------------
ADMIN$       C:\Windows                      Remote Admin
C$           C:\                             Default share
D$           D:\                             Default share
IPC$                                         Remote IPC
print$       C:\Windows\system32\spool\dr... Printer Drivers
Screen Shots C:\Screen Shots

ZipFilesprotected D:\ZipFilesprotected

The command completed successfully.


They are not shared and will not be. Only the administive share is enabled.
0
 
AmazingTechCommented:
Can you post your batch file?
0
 
AmazingTechCommented:
You only have 2 shares on this computer.

Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected

So when you do D: all folders except ZipFilesProtected should show up in the CSV.
0
 
bsharathAuthor Commented:
Yes you are right.. Other than ZipFilesprotected all the other folders has to come into the CSV
0
 
AmazingTechCommented:
So that is what you want correct?

Give it a try on your server and see if you get the same results.
0
 
bsharathAuthor Commented:
Thank U AT worked perfect any help with the other posts...
0
 
bsharathAuthor Commented:
AT any help with the above posts...
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 15
  • 11
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now