Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

List ACL

Posted on 2014-12-11
1
Medium Priority
?
97 Views
Last Modified: 2015-01-03
Ive been asked to audit a server with regards to permissions to files and folders, so Ive come up with the idea of using C# to loop through the files and folders and write to a file what permissions each file/folder has.

So looking at the ACL documentation I can use the following code:-
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Text;
using System.Threading.Tasks;

namespace ACL
{
    class Program
    {
        static void Main(string[] args) {
            getACLInformation("C:\\Rob\\account.sbd");

        }

        static void getACLInformation(string strFile) {
            FileInfo fInfo = new FileInfo(strFile);
            FileSecurity fSecurity = fInfo.GetAccessControl();
        }
    }
}

Open in new window


However when I look at fSecurity I cannot find out how to get a list of the users/groups and then what permissions they have and if its inherited or not.

Does anyone have any links to documentation or sample code of getting ACL information so I can dump it to a text file for import into a database at a later time for reporting?

Thank you
0
Comment
Question by:tonelm54
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 34

Accepted Solution

by:
it_saige earned 2000 total points
ID: 40494985
One of the many reasons why I love extension methods; the following code -
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

namespace EE_Q28579222
{
	class Program
	{
		static void Main(string[] args)
		{
			@"C:\_admin\test.xml".ListFileACLs();
			FileInfo file = new FileInfo(@"C:\_admin\test2.xml");
			file.ListFileACLs();
			Console.ReadLine();
		}
	}

	static class Extensions
	{
		public static void ListDirectoryACLs(this string directory)
		{
			ListDirectoryACLs(new DirectoryInfo(directory));
		}

		public static void ListDirectoryACLs(this DirectoryInfo directory)
		{
			if (directory.Exists)
			{
				DirectorySecurity acls = new DirectorySecurity(directory.FullName, AccessControlSections.Access);
				StringBuilder sb = new StringBuilder();

				sb.AppendFormat("Access Control List for Directory - {0}", directory.FullName).AppendLine();
				foreach (FileSystemAccessRule rule in acls.GetAccessRules(true, true, typeof(NTAccount)))
				{
					sb.AppendFormat("Account:     {0}", rule.IdentityReference.Value).AppendLine();
					sb.AppendFormat("Type:        {0}", rule.AccessControlType).AppendLine();
					sb.AppendFormat("Rights:      {0}", rule.FileSystemRights).AppendLine();
					sb.AppendFormat("Inherited:   {0}", rule.IsInherited).AppendLine();
					sb.AppendFormat("Inheritance: {0}", rule.InheritanceFlags).AppendLine();
					sb.AppendFormat("Propagation: {0}", rule.PropagationFlags).AppendLine();
					sb.AppendLine(new string('-', 25));
				}
				Console.WriteLine(sb.ToString());
			}
		}

		public static void ListFileACLs(this string file)
		{
			ListFileACLs(new FileInfo(file));
		}

		public static void ListFileACLs(this FileInfo file)
		{
			if (file.Exists)
			{
				FileSecurity acls = new FileSecurity(file.FullName, AccessControlSections.Access);
				StringBuilder sb = new StringBuilder();

				sb.AppendFormat("Access Control List for File - {0}", file.FullName).AppendLine();
				foreach (FileSystemAccessRule rule in acls.GetAccessRules(true, true, typeof(NTAccount)))
				{
					sb.AppendFormat("Account:     {0}", rule.IdentityReference.Value).AppendLine();
					sb.AppendFormat("Type:        {0}", rule.AccessControlType).AppendLine();
					sb.AppendFormat("Rights:      {0}", rule.FileSystemRights).AppendLine();
					sb.AppendFormat("Inherited:   {0}", rule.IsInherited).AppendLine();
					sb.AppendFormat("Inheritance: {0}", rule.InheritanceFlags).AppendLine();
					sb.AppendFormat("Propagation: {0}", rule.PropagationFlags).AppendLine();
					sb.AppendLine(new string('-', 25));
				}
				Console.WriteLine(sb.ToString());
			}
		}
	}
}

Open in new window


Provides the following output -Capture.JPG
-saige-
0

Featured Post

How To Reduce Deployment Times With Pre-Baked AMIs

Even if we can't include all the files in the base image, we can sometimes include some of the larger files that we would otherwise have to download, and we can also sometimes remove the most time-consuming steps. This can help a lot with reducing deployment times.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question