Solved

File and Folder permissions ...who has access to what?

Posted on 2014-03-11
5
254 Views
Last Modified: 2014-06-27
I have a few file servers with thousand of folders and files. I need to know who has access to what files and folders without drilling down to each individual file and folder.

I'm now tasked with certifiying annually who has access to what files and folders and getting their supervisor to sign off on or ok their access....do they still need access to such and such. (This is a new process for the org, it hasn't been done in the past)

What free or low priced product is out there that I can install and checked access permissions on my Windows 2003 and 2008 file servers?
0
Comment
Question by:bernardb
5 Comments
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39922046
Here's a quick script to write permissions to a text file.  This could easily be modified to create a icacls AclFile for use later as a differential check, etc.

@echo off
setlocal enabledelayedexpansion
for /f "skip=1" %%d in ('wmic logicaldisk get caption^,providername^,drivetype^,volumename') do (
	set drive=%%d
	if not [!drive!]==[] if exist !drive!\ (
		set /p p=Processing DACLs on !drive!\<nul
		(icacls !drive!\* /t /c /q)>>perms_!drive!.txt 2>nul
		if exist perms_!drive!.txt (echo ...wrote !perms_!drive!.txt) else (echo.)
	)
)

Open in new window

0
 
LVL 26

Expert Comment

by:pony10us
ID: 39922052
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39922068
You could look into Tripwire Enterprise.  Tripwire detects changes to 29 object properties (file/directory) and 21 registry key/values on Windows.

Specifically NTFS DACL, SACL, etc.
0
 
LVL 4

Expert Comment

by:michaelalphi
ID: 39922652
A good resource you can have check here(http://www.fileaccessauditing.com/) which seems a perfect match for such environment. Try this.
0
 

Author Comment

by:bernardb
ID: 40002872
Thanks everyone, sorry for the delay....checking and will get back to you.

Thanks for your responses.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question