[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Listing Folder permissions using a vbscript

Posted on 2011-05-04
9
Medium Priority
?
5,721 Views
Last Modified: 2012-05-11
I am using a script already given from a previous question. It works great for all "shares", but it does not include in the output any/all subfolders under the shares. Is there any way to do this using the vbscript I am already using? I attached the vbscript I am using as well.
FolderPermissions.txt
0
Comment
Question by:JJohnston72
9 Comments
 
LVL 6

Expert Comment

by:cfEngineers
ID: 35692294

Dim Mypath as string, MyName as String,iCount as integer
    iCount=0
    MyPath = "c:\"   ' Set the path.
    MyName = Dir(MyPath, vbDirectory)   ' Retrieve the first entry.
    Do While MyName <> ""   ' Start the loop.
       ' Ignore the current directory and the encompassing directory.
       If MyName <> "." And MyName <> ".." Then
          ' Use bitwise comparison to make sure MyName is a directory.
          If (GetAttr(MyPath & MyName) And vbDirectory) = vbDirectory Then
             Debug.Print MyName   ' Display entry only if it
             iCount=iCount+1
          End If   ' it represents a directory.
       End If
       MyName = Dir   ' Get next entry.
    Loop
    debug.print "No.of Folders in the selected path : " & iCount

Open in new window

0
 

Author Comment

by:JJohnston72
ID: 35692458
Ok, I put this into the script, but it gives me an error saying it was expecting an "end of statement" on the first line. I am no scripting genius. :-)
0
 
LVL 3

Expert Comment

by:raiERB
ID: 35696705
VBScript does not support variable declaration with the Keyword "as" and variabletype.

Change from:
Dim Mypath as string, MyName as String,iCount as integer

Change to:
Dim Mypath, MyName, iCount
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 4

Expert Comment

by:azeempatel
ID: 35698898
Use system tools . Dumpsec
This is ultimate tools for and also scrip table.
0
 

Author Comment

by:JJohnston72
ID: 35699166
Thanks raiERB......I made that change and now I am getting an error: Variable is undefined: 'vbDirectory'

I have attached the new script here..........
FolderPermissions.vbs
0
 
LVL 3

Expert Comment

by:raiERB
ID: 35704338
Had to move a lot of your code around to add a recursive search of all the subfolders.

I also now write all the information as soon as it is found into the file.  Please beware, the script now APPENDS to the file, it does not overwrite it anymore.

I removed the code block from cfEngineers as it will not do what you wantet.
'########################################################################################
'#																						#
'#	Name:		Shares.vbs																#
'#	Description:	This script will retrieve a list of shares and output the ACLs 		#
'#			to textfile.																#
'#																						#
'#	Software:	ShowACLs.Exe															#
'#																						#
'########################################################################################
Option Explicit
 
DIM strComputer
DIM WMI
DIM strLine
DIM strDotted
DIM colShares
DIM Share
DIM strShare
DIM strPath
DIM strACLs
DIM strHeader
DIM ListACL
DIM ListShare
DIM strLog
Dim objFSO        : Set objFSO = CreateObject("Scripting.FileSystemObject")

strComputer = "."
strLine = "__________________________________________________________________________"
strDotted = "--------------------------------------------------------------------------"
 
ListShare = "List of File Shares and their corresponding ACLs" & vbcrlf & _
	strLine & vbcrlf & vbcrlf & vbtab & "Share Name" & vbtab & _
	vbtab & vbtab & vbtab & "Share Path" & vbcrlf & strLine & vbCrLf

' Write header
func_Docs ListShare
func_Docs vbCrLf & strLine

Set WMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colShares = WMI.ExecQuery("Select * from Win32_Share")
 
For Each Share in colShares
	strShare = Share.Name
	strPath = Share.Path
 	
	If strShare <> "print$" and Share.Type = "0" then

		strShare = trim(strShare)
		Do until len(strShare) => 35
			strShare = strShare & " "
		Loop
 
	 	' Write share header
		func_Docs vbcrlf & "ACLs for " & strShare & vbcrlf & vbcrlf & "Users" & vbtab & _
			vbtab & vbtab & vbtab & vbtab & vbtab & "Access" & vbcrlf & strDotted & vbCrLf

		func_Docs vbtab & strShare & vbtab & trim(strPath) & vbCrLf
		
 		' Get ACLs for the folder
		func_GetACLs strPath

	End If
Next
 
set strComputer = Nothing
set strLine = Nothing
set strDotted = Nothing
set WMI = Nothing
set colShares = Nothing
set Share = Nothing
set strShare = Nothing
set strPath = Nothing
set strHeader = Nothing
set ListACL = Nothing
set strLog = Nothing
 
Function func_GetACLs(strPath)

	DIM WShell
	DIM objExec
	DIM strResults
 	Dim objFSO
 	Dim objPribFolder
 	Dim objSubFolder
 	Dim ListACL
 	
	Set WShell = CreateObject("Wscript.Shell")
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	Set objExec = WShell.Exec("showacls " & """" & strPath & """")
	strResults = LCase(objExec.StdOut.ReadAll)
 	
	' for the root share folder
	If inStr( strResults, "error: ") = FALSE then
		ListACL = func_ModACLs(strResults)
	ElseIf instr (strResults, "volume") then
		ListACL = "Not an NTFS volume, could not retrive ACLs" & vbcrlf
	Else
		ListACL = "An Error occured and the ACLs could not be retrieved" & vbcrlf
	End If
	func_Docs ListACL & vbCrLf & strDotted & vbCrLf & vbCrLf
	
	' recurse through subfolders
	Set objPribFolder = objFSO.GetFolder(strPath)
	For Each objSubFolder In objPribFolder.SubFolders
		func_GetACLs(objSubFolder)
	Next

	set objExec = Nothing
	set strResults = Nothing
	set WShell = Nothing
 
End Function
 
 
Function func_ModACLs(strACLs)
 
	DIM Cnt
	DIM strResult
	DIM x
	DIM arrACL
	DIM strACL
 
	strACLs = split(strACLs, vbcrlf)
	
	For Cnt = 1 to uBound(strACLs)
		If strACLs(Cnt) <> "" then
			arrACL = Right(strACLs(Cnt), len(strACLs(Cnt)) - 2)
			arrACL = split(arrACL, "  ")
 
			For x = 0 to uBound(arrACL)
				If arrACL(x) <> "" then
					
					strACL = arrACL(x)
 
					strACL = trim(strACL)
 
					Do until len(strACL) => 45
						strACL = strACL & " "
					Loop
					strResult = strResult & strACL & vbtab
 
				End If
			Next
 
		End If
		If strACLs(Cnt) <> "" then
			strResult = strResult & vbcrlf
		End If
	Next
 
	func_ModACLs = strResult
 
	set Cnt = Nothing
	set strResult = Nothing
	set x = Nothing
	set arrACL = Nothing
	set strACL = Nothing
	
End Function
 
'================================
'       Document Shares
'================================
Function func_Docs(strLog)
 
	DIM FSO            : Set FSO = CreateObject("Scripting.FileSystemObject")
	DIM strFolder      : strFolder = "C:\ScriptLogs"
	DIM ShareFile      : ShareFile =  strFolder & "\Shares.txt"
	DIM LogFile        : Set LogFile = FSO.OpenTextFile(ShareFile, 8, True)
 
	If FSO.FolderExists(strFolder) = false then
		FSO.CreateFolder strFolder
	End If

	LogFile.WriteLine strLog
	LogFile.Close
 
	set FSO = Nothing
	set strFolder = Nothing
	set ShareFile = Nothing
	set LogFile = Nothing
 
End Function

Open in new window

0
 

Author Comment

by:JJohnston72
ID: 35705822
This works great except it shows the share name and under that its permissions (perfect) but for each folder under the share its only showing permissions and not the folder with permissions under it. Like this below you will see permissions for the share, but don't know which permissions is for what folder under the share.

CLs for Share
Users                      Access
--------------------------------------------------------------------------
builtin\administrators                             full control [all]                                 
creator owner                                      full control [all]                                 
domain\staff                                    change [rwxd]                                      
nt authority\system                                full control [all]                                 
builtin\users                                      read [rx]                                          
--------------------------------------------------------------------------
builtin\administrators                             full control [all]                                 
domain\staff                                    change [rwxd]                                      
builtin\administrators                             full control [all]                                 
creator owner                                      full control [all]                                 
nt authority\system                                full control [all]                                 
builtin\users                                      read [rx]
0
 
LVL 3

Accepted Solution

by:
raiERB earned 500 total points
ID: 35705912
I've added a line that shows the folder for which the permissions are listed.

Each section is actually a different subfolder with the same access rights.

You should now see:

CLs for Share
Users                      Access
--------------------------------------------------------------------------
Permissions For folder: "C:\ShareFolder"
builtin\administrators                             full control [all]                                
creator owner                                      full control [all]                                
domain\staff                                    change [rwxd]                                      
nt authority\system                                full control [all]                                
builtin\users                                      read [rx]                                          
--------------------------------------------------------------------------
Permissions For folder: "C:\ShareFolder\SubFolder1"
builtin\administrators                             full control [all]                                
domain\staff                                    change [rwxd]                                      
builtin\administrators                             full control [all]                                
creator owner                                      full control [all]                                
nt authority\system                                full control [all]                                
builtin\users                                      read [rx]        

--------------------------------------------------------------------------
--------------------------------------------------------------------------

CLs for SecondShare
Users                      Access
--------------------------------------------------------------------------
Permissions For folder: "D:\AnotherSharedFolder"
builtin\administrators                             full control [all]                                
creator owner                                      full control [all]                                
domain\staff                                    change [rwxd]                                      
nt authority\system                                full control [all]                                
builtin\users                                      read [rx]                                          
--------------------------------------------------------------------------

Since the subfolders are all in the same share, I left them under the same share structure.

'########################################################################################
'#																						#
'#	Name:		Shares.vbs																#
'#	Description:	This script will retrieve a list of shares and output the ACLs 		#
'#			to textfile.																#
'#																						#
'#	Software:	ShowACLs.Exe															#
'#																						#
'########################################################################################
Option Explicit
 
DIM strComputer
DIM WMI
DIM strLine
DIM strDotted
DIM colShares
DIM Share
DIM strShare
DIM strPath
DIM strACLs
DIM strHeader
DIM ListACL
DIM ListShare
DIM strLog
Dim objFSO        : Set objFSO = CreateObject("Scripting.FileSystemObject")

strComputer = "."
strLine = "__________________________________________________________________________"
strDotted = "--------------------------------------------------------------------------"
 
ListShare = "List of File Shares and their corresponding ACLs" & vbcrlf & _
	strLine & vbcrlf & vbcrlf & vbtab & "Share Name" & vbtab & _
	vbtab & vbtab & vbtab & "Share Path" & vbcrlf & strLine & vbCrLf

' Write header
func_Docs ListShare
func_Docs vbCrLf & strLine

Set WMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colShares = WMI.ExecQuery("Select * from Win32_Share")
 
For Each Share in colShares
	strShare = Share.Name
	strPath = Share.Path
 	
	If strShare <> "print$" and Share.Type = "0" then

		strShare = trim(strShare)
		Do until len(strShare) => 35
			strShare = strShare & " "
		Loop
 
	 	' Write share header
		func_Docs vbcrlf & "ACLs for " & strShare & vbcrlf & vbcrlf & "Users" & vbtab & _
			vbtab & vbtab & vbtab & vbtab & vbtab & "Access" & vbcrlf & strDotted & vbCrLf

		func_Docs vbtab & strShare & vbtab & trim(strPath) & vbCrLf
		
 		' Get ACLs for the folder
		func_GetACLs strPath

	End If
Next
 
set strComputer = Nothing
set strLine = Nothing
set strDotted = Nothing
set WMI = Nothing
set colShares = Nothing
set Share = Nothing
set strShare = Nothing
set strPath = Nothing
set strHeader = Nothing
set ListACL = Nothing
set strLog = Nothing
 
Function func_GetACLs(strPath)

	DIM WShell
	DIM objExec
	DIM strResults
 	Dim objFSO
 	Dim objPribFolder
 	Dim objSubFolder
 	Dim ListACL
 	
	Set WShell = CreateObject("Wscript.Shell")
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	Set objExec = WShell.Exec("showacls " & """" & strPath & """")
	strResults = LCase(objExec.StdOut.ReadAll)
 	
	' for the root share folder
	If inStr( strResults, "error: ") = FALSE then
		ListACL = func_ModACLs(strResults)
	ElseIf instr (strResults, "volume") then
		ListACL = "Not an NTFS volume, could not retrive ACLs" & vbcrlf
	Else
		ListACL = "An Error occured and the ACLs could not be retrieved" & vbcrlf
	End If
	func_Docs "Permissions For folder: " & chr(34) & strPath & Chr(34)
	func_Docs ListACL & vbCrLf & strDotted & vbCrLf & vbCrLf
	
	' recurse through subfolders
	Set objPribFolder = objFSO.GetFolder(strPath)
	For Each objSubFolder In objPribFolder.SubFolders
		func_GetACLs(objSubFolder)
	Next

	set objExec = Nothing
	set strResults = Nothing
	set WShell = Nothing
 
End Function
 
 
Function func_ModACLs(strACLs)
 
	DIM Cnt
	DIM strResult
	DIM x
	DIM arrACL
	DIM strACL
 
	strACLs = split(strACLs, vbcrlf)
	
	For Cnt = 1 to uBound(strACLs)
		If strACLs(Cnt) <> "" then
			arrACL = Right(strACLs(Cnt), len(strACLs(Cnt)) - 2)
			arrACL = split(arrACL, "  ")
 
			For x = 0 to uBound(arrACL)
				If arrACL(x) <> "" then
					
					strACL = arrACL(x)
 
					strACL = trim(strACL)
 
					Do until len(strACL) => 45
						strACL = strACL & " "
					Loop
					strResult = strResult & strACL & vbtab
 
				End If
			Next
 
		End If
		If strACLs(Cnt) <> "" then
			strResult = strResult & vbcrlf
		End If
	Next
 
	func_ModACLs = strResult
 
	set Cnt = Nothing
	set strResult = Nothing
	set x = Nothing
	set arrACL = Nothing
	set strACL = Nothing
	
End Function
 
'================================
'       Document Shares
'================================
Function func_Docs(strLog)
 
	DIM FSO            : Set FSO = CreateObject("Scripting.FileSystemObject")
	DIM strFolder      : strFolder = "C:\ScriptLogs"
	DIM ShareFile      : ShareFile =  strFolder & "\Shares.txt"
	DIM LogFile        : Set LogFile = FSO.OpenTextFile(ShareFile, 8, True)
 
	If FSO.FolderExists(strFolder) = false then
		FSO.CreateFolder strFolder
	End If

	LogFile.WriteLine strLog
	LogFile.Close
 
	set FSO = Nothing
	set strFolder = Nothing
	set ShareFile = Nothing
	set LogFile = Nothing
 
End Function

Open in new window

0
 

Author Comment

by:JJohnston72
ID: 35706184
That is PERFECT!!!!!

Thanks EVERYONE for your help.........
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question