AccessChk

Has anyone every run the AccessChk utility from Sys internals?

I am a bit perplexed by the findings?

I've run accesschk "domain users" across my H:\profile\desktop folder, and it returns lots of entries (i.e. indicating domain users can access my H:\profile\desktop folder".

It I run CACLS over the same folder, theres no entry for "domain users", so all I can imagine is CACLS is purely NTFS (directory) permissions, whereas accesschk is a cumulative of share/directory permissions?

Any ideas?
LVL 3
pma111Asked:
Who is Participating?
 
McKnifeConnect With a Mentor Commented:
For example this shows all files with read or write access
accesschk -rw username path
0
 
McKnifeCommented:
> i.e. indicating domain users can access my H:\profile\desktop folder
Oh yeah? So how does it indicate that? accesscheck would list the permission type to the left of the filename (like "R" for read).
0
 
pma111Author Commented:
My impression was it only lists results where the user or group has permission on a specific file/folder? Is this not true? Does it also cover 'list folder contents' only entries? Or only read and write?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
pma111Author Commented:
It seems a bit pointless if you have to supply a username or group over a directory your interested in (say 200 files) and you have to view each file to see what's to the left of the file name. Is there no way to filter down to only those files or directories a user or group can actually access ?
0
 
McKnifeCommented:
Did you look at the parameters? There are P's for all your needs.
0
 
pma111Author Commented:
Can you provide some example syntax to just list files that a specific user can access in a specific directory (and leave out those they can't ? )
0
 
pma111Author Commented:
Many thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.