Announcement

Collapse
No announcement yet.

determine which folders a security group has been added to

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • determine which folders a security group has been added to

    Hi guys,

    Do any of you know how I can determine which folders a security group has been added to?

    I have tried a number of google searches but didn't really return what I was looking for..

    Trying here first, but I may need to post this question in the Scripting section..


    Thanks!
    I've been using this online backup for all my photos, docs, spreadsheets, powerpoints & emails for years now & it works great.
    Go Here for their free 5GB: http://www.idrive.com/p=gavamm
    I upgraded to the Personal Plan for peace of mind for not much more than a cup of coffee.

  • #2
    Re: determine which folders a security group has been added to

    Someone with a similar problem has a couple of solutions:
    http://www.edugeek.net/forums/window...rmissions.html
    May be a cost involved, though

    Isn't this what interns are for
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: determine which folders a security group has been added to

      CACLS will generate a list of things
      I used CACLS C:\ /T >out.txt and got this:

      Code:
       C:\ BUILTIN\Administrators:F 
          BUILTIN\Administrators:(OI)(CI)(IO)F 
          NT AUTHORITY\SYSTEM:F 
          NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
          NT AUTHORITY\Authenticated Users:C 
          NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C 
          BUILTIN\Users:R 
          BUILTIN\Users:(OI)(CI)(IO)(special access:)
                                    GENERIC_READ
                                    GENERIC_EXECUTE
       
      C:\.rnd BUILTIN\Administrators:F 
              NT AUTHORITY\SYSTEM:F 
              NT AUTHORITY\Authenticated Users:C 
              BUILTIN\Users:R 
      C:\adminpak DOM\User1:F 
                  DOM\User1:(OI)(CI)(IO)F 
                  NT AUTHORITY\SYSTEM:F 
                  NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
                  BUILTIN\Administrators:F 
                  BUILTIN\Administrators:(OI)(CI)(IO)F 
      C:\AuthLog BUILTIN\Guests:(OI)(CI)F 
                 NT AUTHORITY\ANONYMOUS LOGON:(OI)(CI)F 
                 NT AUTHORITY\Authenticated Users:(OI)(CI)F 
                 BUILTIN\Administrators:(OI)(CI)F 
      C:\AUTOEXEC.BAT BUILTIN\Administrators:F 
                      NT AUTHORITY\SYSTEM:F 
                      NT AUTHORITY\Authenticated Users:C 
                      BUILTIN\Users:R 
      C:\SOE BUILTIN\Administrators:F 
                  BUILTIN\Administrators:(OI)(CI)(IO)F 
                  NT AUTHORITY\SYSTEM:F 
                  NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
                  NT AUTHORITY\Authenticated Users:C 
                  NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C 
                  BUILTIN\Users:R 
                  BUILTIN\Users:(OI)(CI)(IO)(special access:)
                                            GENERIC_READ
                                            GENERIC_EXECUTE
       
      C:\boot.ini BUILTIN\Power Users:R 
                  BUILTIN\Administrators:F 
                  NT AUTHORITY\SYSTEM:F 
      C:\build BUILTIN\Administrators:F 
               BUILTIN\Administrators:(OI)(CI)(IO)F 
               NT AUTHORITY\SYSTEM:F 
               NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
               NT AUTHORITY\Authenticated Users:C 
               NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C 
               BUILTIN\Users:R 
               BUILTIN\Users:(OI)(CI)(IO)(special access:)
                                         GENERIC_READ
                                         GENERIC_EXECUTE
       
       
      C:\captura.bmp BUILTIN\Administrators:F 
                     NT AUTHORITY\SYSTEM:F 
                     NT AUTHORITY\Authenticated Users:C 
                     BUILTIN\Users:R 
      C:\codigo1.bmp BUILTIN\Administrators:F 
                     NT AUTHORITY\SYSTEM:F 
                     NT AUTHORITY\Authenticated Users:C 
                     BUILTIN\Users:R 
      C:\CONFIG.SYS BUILTIN\Administrators:F 
                    NT AUTHORITY\SYSTEM:F 
                    NT AUTHORITY\Authenticated Users:C 
                    BUILTIN\Users:R 
      C:\Documents and Settings NT AUTHORITY\SYSTEM:F 
                                BUILTIN\Administrators:F 
                                BUILTIN\Users:R 
                                BUILTIN\Power Users:R 
                                Everyone:R 
                                NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
                                BUILTIN\Administrators:(OI)(CI)(IO)F 
                                BUILTIN\Users:(OI)(CI)(IO)(special access:)
                                                          GENERIC_READ
                                                          GENERIC_EXECUTE
       
                                BUILTIN\Power Users:(OI)(CI)(IO)(special access:)
                                                                GENERIC_READ
                                                                GENERIC_EXECUTE
       
                                Everyone:(OI)(CI)(IO)(special access:)
                                                     GENERIC_READ
                                                     GENERIC_EXECUTE
       
      C:\DRIVERS BUILTIN\Administrators:F 
                 BUILTIN\Administrators:(OI)(CI)(IO)F 
                 NT AUTHORITY\SYSTEM:F 
                 NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F 
                 NT AUTHORITY\Authenticated Users:C 
                 NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C 
                 BUILTIN\Users:R 
                 BUILTIN\Users:(OI)(CI)(IO)(special access:)
                                           GENERIC_READ
                                           GENERIC_EXECUTE
       
      C:\error.bmp BUILTIN\Administrators:F 
                   NT AUTHORITY\SYSTEM:F 
                   NT AUTHORITY\Authenticated Users:C 
                   BUILTIN\Users:R
      There is a way to make it go more indepth, I think It's xcacls, or a newer version or something.

      but the two tools "xcacls" and "cacls" should get you a start.
      You can output all the data, then search.
      "find" is another command line tool that you may benefit from
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment


      • #4
        Re: determine which folders a security group has been added to

        Thanks guys for those suggestions .
        What I'm after is a bit different to those.

        What I want to be able to do is specify the security group or user and have it return which folders they have permissions on.

        Unfortunately CALCS doesn't appear to be available on all the OS versions.
        XCACLS looks similar to AccessEnum.

        AccessEnum, which is mentioned in the other thread, gets close, but it returns *all* permissions for *every* folder & file, so if I'm going to run that on a dir with 500,000 files (plus dirs) it's going to take a looong time, and it will generate a huge file that will be a nightmare to get into & manipulate in Excel.

        Looks like I might have to look at some scripting options.

        Thanks for your help.
        I've been using this online backup for all my photos, docs, spreadsheets, powerpoints & emails for years now & it works great.
        Go Here for their free 5GB: http://www.idrive.com/p=gavamm
        I upgraded to the Personal Plan for peace of mind for not much more than a cup of coffee.

        Comment

        Working...
        X