Solved

How to scan NTFS permissions of an entire directory

Posted on 2009-07-01
2
1,372 Views
Last Modified: 2013-12-04
I have a folder on my companies file server. The folder has 46,878 files & 6,526 folders. I need to run a report that will list out the NTFS permisions for every object (files and folders) located under this parent folder.

I was told about a microsoft tool 'xcacls.vbs' that will run a report for me, but I can only seem to get it to work on one folder at a time. I am unable to get it the tool to traverse the directory and pull results from all of the subdirectories and files.

Does anyone know how to use this tool to pull a report that I need or perhaps another tool that can get the job done?

Thanks!!!
0
Comment
Question by:dowhatyoudo22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 24754889
You need /t to traverse subdirectories.
But if you want a more concise list, check this from SystemTools/Somarsoft (my favorite tool):
DumpSec (http://www.systemtools.com/somarsoft)
Install the download on an XP machine, uncheck "Hyena"; you can then copy DumpSec.exe and the help file to where you want.
You'll get the most concise report possible when you go to Report > Permission Reports Options, check only "Show Permissions", and set the radio button to "Show directories (but not files) whose permissions differ ...".
Showing the owner will create a lot of entries nobody actually cares about when all you want is an NTFS permission report, and file permissions usually aren't that interesting, either.

Or these tools from Sysinternals:
AccessEnum (http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx)
AccessChk (http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx)
ShareEnum (http://technet.microsoft.com/en-us/sysinternals/bb897442.aspx)
Or this one from Scriptlogic:
Security Explorer (http://www.scriptlogic.com/products/securityexplorer/)
0
 
LVL 2

Expert Comment

by:cincytopher
ID: 24754926
We also use DumpSec and it works great.
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question