List ACL

Ive been asked to audit a server with regards to permissions to files and folders, so Ive come up with the idea of using C# to loop through the files and folders and write to a file what permissions each file/folder has.

So looking at the ACL documentation I can use the following code:-
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Text;
using System.Threading.Tasks;

namespace ACL
{
    class Program
    {
        static void Main(string[] args) {
            getACLInformation("C:\\Rob\\account.sbd");

        }

        static void getACLInformation(string strFile) {
            FileInfo fInfo = new FileInfo(strFile);
            FileSecurity fSecurity = fInfo.GetAccessControl();
        }
    }
}

Open in new window


However when I look at fSecurity I cannot find out how to get a list of the users/groups and then what permissions they have and if its inherited or not.

Does anyone have any links to documentation or sample code of getting ACL information so I can dump it to a text file for import into a database at a later time for reporting?

Thank you
tonelm54Asked:
Who is Participating?
 
it_saigeDeveloperCommented:
One of the many reasons why I love extension methods; the following code -
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

namespace EE_Q28579222
{
	class Program
	{
		static void Main(string[] args)
		{
			@"C:\_admin\test.xml".ListFileACLs();
			FileInfo file = new FileInfo(@"C:\_admin\test2.xml");
			file.ListFileACLs();
			Console.ReadLine();
		}
	}

	static class Extensions
	{
		public static void ListDirectoryACLs(this string directory)
		{
			ListDirectoryACLs(new DirectoryInfo(directory));
		}

		public static void ListDirectoryACLs(this DirectoryInfo directory)
		{
			if (directory.Exists)
			{
				DirectorySecurity acls = new DirectorySecurity(directory.FullName, AccessControlSections.Access);
				StringBuilder sb = new StringBuilder();

				sb.AppendFormat("Access Control List for Directory - {0}", directory.FullName).AppendLine();
				foreach (FileSystemAccessRule rule in acls.GetAccessRules(true, true, typeof(NTAccount)))
				{
					sb.AppendFormat("Account:     {0}", rule.IdentityReference.Value).AppendLine();
					sb.AppendFormat("Type:        {0}", rule.AccessControlType).AppendLine();
					sb.AppendFormat("Rights:      {0}", rule.FileSystemRights).AppendLine();
					sb.AppendFormat("Inherited:   {0}", rule.IsInherited).AppendLine();
					sb.AppendFormat("Inheritance: {0}", rule.InheritanceFlags).AppendLine();
					sb.AppendFormat("Propagation: {0}", rule.PropagationFlags).AppendLine();
					sb.AppendLine(new string('-', 25));
				}
				Console.WriteLine(sb.ToString());
			}
		}

		public static void ListFileACLs(this string file)
		{
			ListFileACLs(new FileInfo(file));
		}

		public static void ListFileACLs(this FileInfo file)
		{
			if (file.Exists)
			{
				FileSecurity acls = new FileSecurity(file.FullName, AccessControlSections.Access);
				StringBuilder sb = new StringBuilder();

				sb.AppendFormat("Access Control List for File - {0}", file.FullName).AppendLine();
				foreach (FileSystemAccessRule rule in acls.GetAccessRules(true, true, typeof(NTAccount)))
				{
					sb.AppendFormat("Account:     {0}", rule.IdentityReference.Value).AppendLine();
					sb.AppendFormat("Type:        {0}", rule.AccessControlType).AppendLine();
					sb.AppendFormat("Rights:      {0}", rule.FileSystemRights).AppendLine();
					sb.AppendFormat("Inherited:   {0}", rule.IsInherited).AppendLine();
					sb.AppendFormat("Inheritance: {0}", rule.InheritanceFlags).AppendLine();
					sb.AppendFormat("Propagation: {0}", rule.PropagationFlags).AppendLine();
					sb.AppendLine(new string('-', 25));
				}
				Console.WriteLine(sb.ToString());
			}
		}
	}
}

Open in new window


Provides the following output -Capture.JPG
-saige-
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.