Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

NTFS ACL Values

Posted on 2010-08-18
2
861 Views
Last Modified: 2013-12-04
I am running Dumpsec on some servers to determine all the ACL's of the shares.  I get values similar to ax001200af as output for permissions.

How is this built?
What are the values of the settings such as Traverse Folder, List Folder, etc that this number is derived from?

I like dumpsec but I want to know straight out what is checked for ACL's per user/group.

I would like some ideas of either better software that can log this in the way I want or values as I can create a script to read the output file and display it the correct way.
0
Comment
Question by:m698322h
2 Comments
 
LVL 10

Accepted Solution

by:
Martin_J_Parker earned 500 total points
ID: 33465028
You might find the xcacls command more useful for displaying/manipulating ACL information.
http://ss64.com/nt/xcalcs.html

That's available as part of the Win 2003 resource kit, which can be downloaded from:
http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en
0
 
LVL 4

Expert Comment

by:DeadRatRacer
ID: 33470280
Documentation states:
axhhhhhhh       Non-standard allow permissions or audit settings, see WIN32 SDK documentation.
dxhhhhhhh       Non-standard deny permissions, see WIN32 SDK documentation.

Seems if there is a 'Special' set of NTFS permissions, like for users by default and it cannot decode to Read/Write/Full/Etc it gives the raw bitmask of the rights

seeing if I can find info to shed more light on the topic with the SDK, will post what I find.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question