Need to do some overall auditing of a messy file server(s) structure where several years of adding/removing permissions has resulted in the occasional permission to something that should not exist (or the occasional adding of "users" with "ALL" to overcome lack of understanding of permissions in a windows environment).
Regardless of how we got there, need to get ourselves out of the situation as efficiently as possible.
One thought has been using xcacls to dump all the permissions to a file for later parsing or import into a database. Using the command;
xcacls d:\new /T /C > fileperm.txt
gives me directories and subdirectories, but also all files which I would like to remove/omit so I just have to deal with directories.
So two options;
1) a script or tool that will dump an entire directory tree along with who has access to what so it can be reviewed easily
2) tweak the above use of xcacls to only dump directories into the output file which i can then parse into a database or something (building my own review mechanism).