I am running Dumpsec on some servers to determine all the ACL's of the shares.  I get values similar to ax001200af as output for permissions.

How is this built?
What are the values of the settings such as Traverse Folder, List Folder, etc that this number is derived from?

I like dumpsec but I want to know straight out what is checked for ACL's per user/group.

I would like some ideas of either better software that can log this in the way I want or values as I can create a script to read the output file and display it the correct way.
Who is Participating?
Martin_J_ParkerConnect With a Mentor Commented:
You might find the xcacls command more useful for displaying/manipulating ACL information.

That's available as part of the Win 2003 resource kit, which can be downloaded from:
Documentation states:
axhhhhhhh       Non-standard allow permissions or audit settings, see WIN32 SDK documentation.
dxhhhhhhh       Non-standard deny permissions, see WIN32 SDK documentation.

Seems if there is a 'Special' set of NTFS permissions, like for users by default and it cannot decode to Read/Write/Full/Etc it gives the raw bitmask of the rights

seeing if I can find info to shed more light on the topic with the SDK, will post what I find.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.