Solved

How would I generate a report that list ACLs and NTFS folder permissions on home directories?

Posted on 2011-09-08
7
425 Views
Last Modified: 2013-12-07
My boss is asking that I generate a list or report from our home directory servers (2k3 systems), that will provide ACLs and or NTFS permissions detailing who has access to what. We want to run an audit on our home directories to make sure all ACLs are similiar that Administrators have Full rights, Systems have full rights, and the user who the home directory belongs to have up to modify rights on there home folder. So generating a list that will show anything out of the norm would help as well. Max points granted.
0
Comment
Question by:ksol
  • 3
  • 2
7 Comments
 
LVL 13

Expert Comment

by:connectex
ID: 36504878
A simple utility for this is Sysinternal's AccessEnum. It's available here: http://technet.microsoft.com/en-us/sysinternals/bb897332

-Matt-
0
 

Author Comment

by:ksol
ID: 36506030
The way home directories are set on my network (see attachment). every user has a home folder with up to modify rights only, and ADMINISTRATOR and SYSTEM has full control of each user's home directory folder. We want to keep in within that standards. As of late, we noticed that some user's home directory folder can be accessed by someone else (non-admin). Being that we have hundreds of users home directory folder, we need a tool that would just audit, and let us know if there is something out of the norm or standards. Maybe if there is a command we can run natively on the server like icacls commands, that would help. Something that will produce a report that is not granular.          Doc1.docx
0
 
LVL 13

Expert Comment

by:connectex
ID: 36506236
AccessEnum will dump the user rights assignments in to a printable/reviewable format. If you want something customized to your exact needs, I recommended creating script (VBScript, PowerShell, etc.) to review and report on any non-standard permissions. Basically it's recurse through all subfolders (one or multiple levels, as needed), retrieve and check rights skip over administrator, system, username. Report any other entries in the permissions list, Next folder until subfolder list is complete.

-Matt-
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 13

Expert Comment

by:connectex
ID: 36506259
Another possiblity is to use something like SetACL or icalcs in a batch file or such. To set the permissions as desired. This won't let you audit them but if ran on a regular basis it will reset them to a known state.

-Matt-
0
 

Accepted Solution

by:
ksol earned 0 total points
ID: 36589664
I found a tool called Hyena that did the job.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 37163627
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now