bsharath
asked on
Want the user names of all folders in all drives in a machine to a file. All security permission users.Of non shared folders.
Hi,
Want the user names of all folders in all drives in a machine to a file. All security permission users.
All the shares in my file server are removed and have given shares only to people who have asked for. Now i have say 100 + folders in 5 + drives that are not shared and no one has come for it.
Now each folder when i go to Properties > Security can see a lot of user names. So need these user names into a file.So i can send them mails on they requiring it or can be deleted. So is there a way a scriopt runs on all folders that are not shared and gets the data as this.
Folder Name Drive Name\Folder Name Security permissions USer names.
Attached a sample script that does the exact and much more for folders that are shared. But in this case need for NON shares in all drives in the machine.
Regards
Sharath
Want the user names of all folders in all drives in a machine to a file. All security permission users.
All the shares in my file server are removed and have given shares only to people who have asked for. Now i have say 100 + folders in 5 + drives that are not shared and no one has come for it.
Now each folder when i go to Properties > Security can see a lot of user names. So need these user names into a file.So i can send them mails on they requiring it or can be deleted. So is there a way a scriopt runs on all folders that are not shared and gets the data as this.
Folder Name Drive Name\Folder Name Security permissions USer names.
Attached a sample script that does the exact and much more for folders that are shared. But in this case need for NON shares in all drives in the machine.
Regards
Sharath
SETLOCAL ENABLEDELAYEDEXPANSION
Set FieldDelimiter=,
Set ServerAccessCSV=C:\ShareNTFSPermissionsLog-%ComputerName%.CSV
ECHO "Folder Name"%FieldDelimiter%"UNC Path"%FieldDelimiter%"Local drive path"%FieldDelimiter%"Drive Letter"%FieldDelimiter%"Folder Size"%FieldDelimiter%"Number of Root folders"%FieldDelimiter%"Share permission"%FieldDelimiter%"Permission"%FieldDelimiter%"Security permission"%FieldDelimiter%"Permission">"%ServerAccessCSV%"
for /f "tokens=1 delims=:" %%a in ('rmtshare \\%ComputerName%^| find /v /i "default share" ^| find /v /i "Remote admin" ^| find /v /i "Remote IPC" ^| FIND ":"') DO (
set Share=%%a
set Share=!Share:~0,-2!
For /l %%z in (1,1,30) DO if "!Share:~-1!" == " " Set Share=!Share:~0,-1!
Set Comments=
FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Remark"') DO Set Comments=%%c
FOR /f "tokens=1,*" %%b in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "Path"') DO (
Set SharePath=%%c
Set FolderSeparator=
For /l %%z in (1,1,100) DO (
if "!SharePath:~-%%z,1!" == "\" Set FolderSeparator=Found
if "!SharePath:~-%%z!" NEQ "\" IF NOT Defined FolderSeparator Set Folder=!SharePath:~-%%z!
)
Set SharePerm=
FOR /f "Tokens=1 delims=: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i " : "') DO Set SharePerm=!SharePerm!#%%i#
Set FirstAccount=
for /f "tokens=*" %%d in ('cacls "%%c" ^| find ":" ^| find /v /i "Creator Owner" ^| FIND /v /i "BUILTIN" ^| FIND /v /i "NT AUTHORITY" ^| FIND /v /i "Special access"') do (
Set FolderPerm=%%d
Set FolderPerm=!FolderPerm:%%c =!
for /f "tokens=1,2,* delims=:\" %%f in ('ECHO !FolderPerm!') do (
Set Access=%%h
Set Access=!Access:~-2!
Set Access=!Access:~0,1!
Set FolderSharePerm="%FieldDelimiter%"
ECHO !SharePerm! | FIND /i "%%f\%%g"
IF NOT ERRORLEVEL 1 FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%f\%%g"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j && Set SharePerm=!SharePerm:#%%f\%%g#=!
IF !FolderSharePerm! == "%FieldDelimiter%" IF "!SharePerm!" NEQ "" (
FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
If /i "%%k" == "\Everyone" (
FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
) Else (
FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
)
Set SharePerm=!SharePerm:#%%k#=!
)
)
FOR /f "Tokens=*" %%i in ('dir "\\%ComputerName%\!Share!" /ad /b ^| find /c /v ""') DO Set NoSubFolder=%%i
FOR /f "Tokens=3 delims= " %%i in ('dir "\\%ComputerName%\!Share!" /s ^| find /i "file(s)"') DO Set FolderSize=%%i
ECHO !FolderSharePerm!
IF NOT DEFINED FirstAccount (
ECHO "!Folder!"%FieldDelimiter%"\\%ComputerName%\!Share!"%FieldDelimiter%"!Comments!"%FieldDelimiter%"!SharePath!"%FieldDelimiter%"!SharePath:~0,1!"%FieldDelimiter%"!FolderSize!"%FieldDelimiter%"!NoSubFolder!"%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
SET FirstAccount=%%g
) ELSE (
ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%"%%g"%FieldDelimiter%"!Access!">>"%ServerAccessCSV%"
)
)
)
:AnotherShare
IF "!SharePerm!" NEQ "" (
FOR /f "tokens=1 delims=#" %%k in ('echo !SharePerm!') do (
If /i "%%k" == "\Everyone" (
FOR /f "Tokens=1,2 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
) Else (
FOR /f "Tokens=2,3 delims=\: " %%i in ('rmtshare \\%ComputerName%\"!Share!" ^| FIND /i "%%k"') DO Set FolderSharePerm=%%i"%FieldDelimiter%"%%j
)
ECHO ""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%""%FieldDelimiter%"!FolderSharePerm!"%FieldDelimiter%""%FieldDelimiter%"">>"%ServerAccessCSV%"
Set SharePerm=!SharePerm:#%%k#=!
IF "!SharePerm!" NEQ "" goto :AnotherShare
)
)
)
)
Question: Why script this since windows' cacls.exe would output all this to a text file for you anyway....?
ASKER
Ok can you tell me how?
This would dump all of the permissions of the c drive to a file called list.txt
cacls c:\*.* /t > c:\list.txt
cacls c:\*.* /t > c:\list.txt
ASKER
I get this
C:\>cacls D:\*.* /t > D:\list.txt
Access is denied.
C:\>cacls c:\*.* /t > D:\list.txt
The process cannot access the file because it is being used by another process.
C:\>cacls c:\*.* /t > c:\list.txt
The process cannot access the file because it is being used by another process.
Should i download "Cacls"
C:\>cacls D:\*.* /t > D:\list.txt
Access is denied.
C:\>cacls c:\*.* /t > D:\list.txt
The process cannot access the file because it is being used by another process.
C:\>cacls c:\*.* /t > c:\list.txt
The process cannot access the file because it is being used by another process.
Should i download "Cacls"
That would mean the user ID you are using does not have access to read the d:\ root directory.
You should really run this with some admin rights.
You should really run this with some admin rights.
ASKER
Yes got it but this is too complicated. I need to run on drives which are 1 TB and more and doing this will dump results of all folders and files. Any way to get just the folders and only folders that are not shared. So i have less results to query on.
Each drive has 1 TB of data and each drive has 100 + folders. In which 50 + are shared. So a script if can query for just Non shared folders then i would have less results to query on...
Each drive has 1 TB of data and each drive has 100 + folders. In which 50 + are shared. So a script if can query for just Non shared folders then i would have less results to query on...
Ohhh.. Then just use sysinternals Accessenum
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx
This will do what you want I think and lets you save out the list as a txt.
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx
This will do what you want I think and lets you save out the list as a txt.
Just root folders?
ASKER
Yes only root Folders in all drives in the machines.
In one case i want the report for all folders root folders within a folder.
Like
D:\Development
Within this i have 100+ folder which were shared before but now they are not shared.
Any report in this script in 2 cases. One is all root folder in all drives and another case all folders root in 1 folder.
Only folders that are not shared and security users alone.
If i can get the way you gave me some time ago for shared folders. If a nested group then even members of that groups too...
In one case i want the report for all folders root folders within a folder.
Like
D:\Development
Within this i have 100+ folder which were shared before but now they are not shared.
Any report in this script in 2 cases. One is all root folder in all drives and another case all folders root in 1 folder.
Only folders that are not shared and security users alone.
If i can get the way you gave me some time ago for shared folders. If a nested group then even members of that groups too...
OK. So you will specify a list of root folders to search?
D:\Development
D:\Production
E:\Sandbox
F:
D:\Development
D:\Production
E:\Sandbox
F:
ASKER
No...
The script has to scan any folder in the root of each drive that are not shared.
Any folder that's not shared has to be scanned
The script has to scan any folder in the root of each drive that are not shared.
Any folder that's not shared has to be scanned
So you specify the drive letter to search the root folders?
D:
E:
F:
D:
E:
F:
ASKER
Ok i can specify.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I get this
-------------------------- -
Windows Script Host
-------------------------- -
Script: D:\AT Groups.vbs
Line: 3
Char: 20
Error: Syntax error
Code: 800A03EA
Source: Microsoft VBScript compilation error
-------------------------- -
OK
-------------------------- -
If the code has D E & F and the drives are not available also i get an error.
--------------------------
Windows Script Host
--------------------------
Script: D:\AT Groups.vbs
Line: 3
Char: 20
Error: Syntax error
Code: 800A03EA
Source: Microsoft VBScript compilation error
--------------------------
OK
--------------------------
If the code has D E & F and the drives are not available also i get an error.
DOS batch file
Modify the Set RootFolderList with valid available drives.
ASKER
I have the line as this
Set RootFolderList=D:
Its a vista machine where i am checking and i think its not accepting D drive directly
Set RootFolderList=D:
Its a vista machine where i am checking and i think its not accepting D drive directly
ASKER
Sorry was trying it as a vbs now it gets me the results file.
But i queries the shared folders not nonshared folders.
I want it to query any folders in the drive that are not shared.
But i queries the shared folders not nonshared folders.
I want it to query any folders in the drive that are not shared.
Should be non shared.
ASKER
Does it need this file "Rmtshare"?
I put this file in the same drive where the script is and ran the script and the csv is blank without any results just the headers are created...
I put this file in the same drive where the script is and ran the script and the csv is blank without any results just the headers are created...
Yes RMTSHARE is required.
Is your root drive shared other than the administrative hidden share?
To view your shares Run:
RMTSHARE \\%ComputerName%
Is your root drive shared other than the administrative hidden share?
To view your shares Run:
RMTSHARE \\%ComputerName%
ASKER
I get this
D:\>RMTSHARE \\%ComputerName%
Share name Resource Remark
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
ADMIN$ C:\Windows Remote Admin
C$ C:\ Default share
D$ D:\ Default share
IPC$ Remote IPC
print$ C:\Windows\system32\spool\ dr... Printer Drivers
Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected
The command completed successfully.
They are not shared and will not be. Only the administive share is enabled.
D:\>RMTSHARE \\%ComputerName%
Share name Resource Remark
--------------------------
ADMIN$ C:\Windows Remote Admin
C$ C:\ Default share
D$ D:\ Default share
IPC$ Remote IPC
print$ C:\Windows\system32\spool\
Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected
The command completed successfully.
They are not shared and will not be. Only the administive share is enabled.
Can you post your batch file?
You only have 2 shares on this computer.
Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected
So when you do D: all folders except ZipFilesProtected should show up in the CSV.
Screen Shots C:\Screen Shots
ZipFilesprotected D:\ZipFilesprotected
So when you do D: all folders except ZipFilesProtected should show up in the CSV.
ASKER
Yes you are right.. Other than ZipFilesprotected all the other folders has to come into the CSV
So that is what you want correct?
Give it a try on your server and see if you get the same results.
Give it a try on your server and see if you get the same results.
ASKER
Thank U AT worked perfect any help with the other posts...
ASKER
Any help with these AT
https://www.experts-exchange.com/questions/23797927/Script-to-check-all-users-in-a-Root-Group-if-they-are-a-member-of-another-group-too.html
https://www.experts-exchange.com/questions/23797910/Find-if-all-users-in-a-OU-are-a-member-of-a-particular-Groups-The-group-is-in-the-Root-Domain.html
https://www.experts-exchange.com/questions/23797751/How-can-i-get-a-script-query-with-all-the-printers-in-the-print-server-and-get-all-users-or-group-names-who-are-in-the-security-tab.html
https://www.experts-exchange.com/questions/23797927/Script-to-check-all-users-in-a-Root-Group-if-they-are-a-member-of-another-group-too.html
https://www.experts-exchange.com/questions/23797910/Find-if-all-users-in-a-OU-are-a-member-of-a-particular-Groups-The-group-is-in-the-Root-Domain.html
https://www.experts-exchange.com/questions/23797751/How-can-i-get-a-script-query-with-all-the-printers-in-the-print-server-and-get-all-users-or-group-names-who-are-in-the-security-tab.html
ASKER
AT any help with the above posts...