Solved

Alternative to a folders security tab

Posted on 2012-12-21
10
488 Views
Last Modified: 2013-01-02
If I right click a folder on a network share, I can no longer see the security tab to see which users are members on the access control list. This is via a Windows 7 PC connected to a share on a 2008 server. Is there any alternative tool or method to get this information if the security tab has (presumably??) been hidden by group policy as we some-times need this information for audit purposes?
0
Comment
Question by:pma111
10 Comments
 
LVL 3

Expert Comment

by:Tm-L
Comment Utility
If you log on to the computer/server that hosts the share can you see the security info for the share? would this be a viable option? or are you explicitly trying to retried security information of a share remotely?
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
Ideally wouldnt want to login to the server, just something quick and easy - or that can report out the information for all shares/directories/sub directories
0
 
LVL 3

Assisted Solution

by:Tm-L
Tm-L earned 167 total points
Comment Utility
if you know the name of the server that hosts the shares and you can access mmc etc:

In Administrative Tools, click Share and Storage Management.

In the console tree, right-click Share and Storage Management, and then click Connect to another Computer.

In the Connect to Another Computer dialog box, click Another computer. Then type the name of the server you want to connect to, or click Browse to search for a remote computer.

Click OK.

with this i admin our shares and all permissions/security.

Is this any help?
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
Is that just share permissions, though, and not NTFS/directory permissions?
0
 
LVL 3

Expert Comment

by:Tm-L
Comment Utility
Once you are connected to the remote computer and can see all the shares you can double click a share and you will get this windows that allows you to see both share permissions and NTFS: context menu of remote share and storage management
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 167 total points
Comment Utility
Hm, have you tried using icacls command in command-line? It is not as clear as GUI but should give you an overview.

Please try this
icacls \\server\share

Open in new window


Regards,
Krzysztof
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
Can any domain user run icacls against any server/share, or are there limitations on which users can list the ACL per server/share? Or perhaps which will report the output....
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
And is icacls reporting share permissions, or directory permissions, is there any command line to get share permissions if these are just directory permissions?
0
 
LVL 3

Expert Comment

by:Tm-L
Comment Utility
I would say that users need to have permissions to read permissions if that makes sense? with some lower level users that we need to have some level of access I think remember having to let them have the permissions to view to permissions! ... I hope you follow!
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 166 total points
Comment Utility
You can list share permissions remotely using üpowershell, see http://www.peetersonline.nl/2008/11/listing-share-permissions-for-remote-shares/

I would start by questioning if that security tab is really hidden on purpose.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now