Solved

List of user having access to each individual folder

Posted on 2013-10-31
6
351 Views
Last Modified: 2013-11-07
Hello experts,

I want to know user/ad access for all list folders in one dir.

eg:

path                                                            user\ad group having access
c:\temp                                                      domain\vivek
c:\temp\sub folder                                 domain\VIVEK,DOMAIN\AD GROUP1,AD GROUP2
c:\temp\sub folder2                               domain\sam,domain\vivek

And it should resurcive check all folders and should remove all users\ad group except DOMAIN\vivek,DOMAIN\sam
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Author Comment

by:VIVEKANANDHAN_PERIASAMY
ID: 39621208
Kindly look into this request.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 39622406
Every single file can have different additional permissions and different owner aswell as inheriting from parent directory, or copy of the parent permissions and amended at will.

Would you not be better just pushing the permissions that you do want down from the top of that level?

i.e. in this case from GUI pov you select top level folder, select your two names (and presumably administrators/system at least right?) and replace permissions on sub folders and files.  If you don't have rights to some then take ownership first.

Steve
0
 
LVL 38

Expert Comment

by:Jim P.
ID: 39623279
You can use icacls (Win7/2008) or CACLS (Win2003/XP ) to get the info.

The recursion into the subdirectories is a different issue, that I don't know how to do in VBS and where or how to write it out.

C:\>icacls c:\temp
c:\temp BUILTIN\Administrators:(I)(F)
        BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
        NT AUTHORITY\SYSTEM:(I)(F)
        NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
        BUILTIN\Users:(I)(OI)(CI)(RX)
        NT AUTHORITY\Authenticated Users:(I)(M)
        NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)

Successfully processed 1 files; Failed processing 0 files

Open in new window

0
 
LVL 25

Accepted Solution

by:
Coralon earned 500 total points
ID: 39623313
I would just use AccessEnum from Sysinternals.

Coralon
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question