• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 351
  • Last Modified:

How to determine explicit permissions

Our long-time personnel manager is preparing to retire and his successor is transitioning over to his responsibilities.

The current user has explicit permissions (i.e. not part of a group) for various folders and files on our server.  I need to give the new user the same access.  Is there a way to easily determine all of the explicit permissions that have been granted to the current user??

Server O/S:  Windows 2000 Server w/ Active Directory
0
Kerry Wilson
Asked:
Kerry Wilson
1 Solution
 
Mike KlineCommented:
There are various tools that can help NTFS permissions reporter is decent   http://www.cjwdev.co.uk/Software/NtfsReports/Info.html

accessenum from Microsoft  http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx

You could also use a tool like subinacl to set the ACLs for the new user.

Thanks

Mike
0
 
Kerry WilsonAuthor Commented:
The SysInternals program you mentioned is for Windows 2003 Server and higher.  Ours is Windows 2000 Server.

I'm checking further into the NTFS Permissions Reporter.
0
 
McKnifeCommented:
Looks like a case for subinacl.exe
"SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain" http://www.microsoft.com/en-us/download/details.aspx?id=23510
This download is for win2003. There is however also a subinacl for win2k as part of the nt4 and win2k resource kits. You may of course use the link I gave you and run it from win7 against your server.
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
BiniekCommented:
0
 
McKnifeCommented:
Did you understand, what subinacl can do for you? Pretty much exactly what you were asking for.
0
 
Kerry WilsonAuthor Commented:
Yes, I think so.  But I didn't know where to find anything about the NT4 and W2K Resource Kits.  I've heard of Resource Kits but don't know anything about them.
0
 
McKnifeCommented:
Well, why didn't you ask? That's what we are here for, aren't we? :)
Download my link (as I wrote before) and use it from win 7 against your server.
If that one makes problems, I could mail you the old executable if you need it.
0
 
Kerry WilsonAuthor Commented:
I didn't ask because the other two programs also did what I needed and I am a one-man IT department with 50 computers, more or less, in the building....just not enough hours in the day!  <grin>

Also, I don't have Win7....it's XP Pro.  I wasn't sure if it would work and, again, don't have time for a lot of experimentation.
0
 
McKnifeCommented:
Alright, good luck.
PS: what works on 2003 will work on xp, try it, if the task is not finished yet.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now