Batch file to extract 'Security' on a Folder

Hi Guys,

I need some help with extracting the 'Security' information on a Shared folder.

So I need a script which extracts:

1. Security Groups on the Folder
2. In addition, the members of the concerned groups.

Cheers.
japitsolutionAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tumtum73Commented:
You'll want to use a tool called SubInACL (link below).

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=23510

You type the following command to extract the permissions for the entire C: drive toa file called perms.txt:

subinacl /noverbose /output=c:\perms.txt /subdirectories c:\*.*

If you find later that permissions have been changed and you want to change them back, you can type:

setacl /playfile c:\perms.txt

and the process will attempt to set them back.
0
tumtum73Commented:
the second command should be:

subinacl /playfile c:\perms.txt
0
japitsolutionAuthor Commented:
Well I prefer either an portable tool or a command base script. I cannot make the below changes on the server:

1. Install a Program
2. Make changes to permissions/security on a folder.

Hence the above solution is not appropriate.

Any other suggestions?
0
MSSPs - Are you paying too much?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

artsecCommented:
Hello, you can use CACLS command to display or modify Access Control Lists (ACLs) for files and folders. ACL determines which users (or groups of users) can read or edit the file.

In the new version of Windows (Windows 7 and Windows 2008 Server) there is a similar utility for command prompt which is "ICACLS".

The usage is easy as follow:

cacls C:\users\johns
icacls C:\users\johns\test.txt

you can save the output in a file as well with following argument:

> filename.txt

Examples:

cacls C:\users\johns > filename.txt
icacls C:\users\johns\test.txt > filename.txt

All the best,



0
japitsolutionAuthor Commented:
Well I prefer either an portable tool or a command base script. I cannot make the below changes on the server:

1. Install a Program
2. Make changes to permissions/security on a folder.

Hence the above solution is not appropriate.

Any other suggestions?
0
artsecCommented:
Hi,

Did you check my solution?  It is windows command prompt utility and you can make a batch  file easily. You do not need to change any permissions or install an application.

Thanks,
Ali
0
japitsolutionAuthor Commented:
Hi Artsec/Ali,

Your solution is impressive however what I initially requested was a Tool/Batch file which can extract this information.

Are you able to prepare a Batchfile for me Please?

Thank you.
0
mlchelpCommented:
try this, paste it into notepad and then save it as something.bat maybe permissions.bat or what ever you want, it will prompt you for the folder enter c:\windows or what ever folder you are using, then it will display the users and groups with permision to the folder then it will prompt you for a groupname and then display the members of the group.


set /p folderin=Please enter folder path, IE C:/windows:
icacls %folderin%
set /p groupin=Please enter group:
net group "%groupin" /domain


Have fun

Mike
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mlchelpCommented:
If you have enough disk space run multiple versions of windows 7 each with a different version of sql installed and then select wich ever one you want at startup via the boot.ini
0
japitsolutionAuthor Commented:
Fantastic Solution Mike.

It worked like a treat
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.