Solved

How to scan NTFS permissions of an entire directory

Posted on 2009-07-01
2
1,367 Views
Last Modified: 2013-12-04
I have a folder on my companies file server. The folder has 46,878 files & 6,526 folders. I need to run a report that will list out the NTFS permisions for every object (files and folders) located under this parent folder.

I was told about a microsoft tool 'xcacls.vbs' that will run a report for me, but I can only seem to get it to work on one folder at a time. I am unable to get it the tool to traverse the directory and pull results from all of the subdirectories and files.

Does anyone know how to use this tool to pull a report that I need or perhaps another tool that can get the job done?

Thanks!!!
0
Comment
Question by:dowhatyoudo22
2 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 24754889
You need /t to traverse subdirectories.
But if you want a more concise list, check this from SystemTools/Somarsoft (my favorite tool):
DumpSec (http://www.systemtools.com/somarsoft)
Install the download on an XP machine, uncheck "Hyena"; you can then copy DumpSec.exe and the help file to where you want.
You'll get the most concise report possible when you go to Report > Permission Reports Options, check only "Show Permissions", and set the radio button to "Show directories (but not files) whose permissions differ ...".
Showing the owner will create a lot of entries nobody actually cares about when all you want is an NTFS permission report, and file permissions usually aren't that interesting, either.

Or these tools from Sysinternals:
AccessEnum (http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx)
AccessChk (http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx)
ShareEnum (http://technet.microsoft.com/en-us/sysinternals/bb897442.aspx)
Or this one from Scriptlogic:
Security Explorer (http://www.scriptlogic.com/products/securityexplorer/)
0
 
LVL 2

Expert Comment

by:cincytopher
ID: 24754926
We also use DumpSec and it works great.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Power and BTU ratings calculation 13 86
shadow copies 7 80
Sweet32 Vulnerability in Microsoft IIS7.5 6 946
Security perspectives to assess for APIs 1 40
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question