Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Query for ACLs on a file server

Posted on 2009-04-14
3
Medium Priority
?
368 Views
Last Modified: 2013-12-04
I'm cleaning up all Windows groups associated with a SQL Server database application.  I've verified that I can safely deleted GroupX without any loss of of SQL Server functionality.  However, the application is also associated with thousands of files on the same server, and GroupX may have explicit permissions to some of these files.  Obviously, inspecting each file for GroupX permissions isn't feasible.  Is there a way to query the GroupX ACLs?
0
Comment
Question by:jdana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24136381

Sure. Install Windows PowerShell (should be under Features in Server Manager), then you can run this (copy and paste after you fix the security principal and base path values.

Chris
# Object name to look for in each access control list
$SecurityPrincipal = "GroupX"
# Starting path
$BasePath = "C:\"
 
# Something to hold the results
$Entries = @()
ForEach ($Entry in (ls -r $BasePath)) {
  If ((Get-ACL -Path $Entry.FullName).Access | `
    ?{ $_.IdentityReference -match $SecurityPrincipal -And $_.IsInherited -eq $False }) { 
      $Entries += $Entry | Select-Object * 
  }
}
# Display the results as a table
$Entries | Format-Table FullName, Name, PSIsContainer, LastAccessTime
# Export Results to a CSV File
$Entries | Export-CSV "Results.csv"

Open in new window

0
 
LVL 2

Assisted Solution

by:gurpreetchhabra
gurpreetchhabra earned 500 total points
ID: 24137099
Or simply try DumpSec GUI based tool to export permissions from a specified root directory, export the result to csv file. Open in excel and filter all results for GroupX.
0
 

Author Closing Comment

by:jdana
ID: 31569822
Both option work great!  Thanks!
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out what's been happening in the Experts Exchange community.
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question