Sign in to follow this  
Followers 0
Naveed

Folder Permissions

4 posts in this topic

I have searched everywhere for this but cant find an answer maybe i am looking for the wrong thing but let me explain the situtation.

I have folder X (\\server\location1\foldername)

I would like to be able to put that full path into a script and obtain the security groups listed in the security tab for the properties of that folder?

Is this possible, i have tried doing it with autoit and WMI(Win32_LogicalFileSecuritySetting) and vbs(Win32_Directory) but both these methods dont show the security groups.

Can anyone help??

Regards

Nav

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

I couldn't find a way in autoit to do this on my network shares, but I did find this handy tool called DumpSec.

http://www.systemtools.com/somarsoft/index.html

When you install it don't install Hyena (it will ask you), that needs to be purchased but just installing DumpSec is free.

Edited by ShawnW

Share this post


Link to post
Share on other sites

I have not been able to do this with a UNC name, but have been able to do so by mapping a drive to the server. Something like the snippet below might work for you, if you'll be hitting the same machine often for your queries.

\\Server\Apps mapped to Z:

$var = InputBox( "", "Enter the directory" )
Run(@ComSpec & ' /c CACLS ' & $var & '> C:\CACLS.txt', "", @SW_HIDE)

This unfortunately gives you everything, both groups and individuals, but it may be a place to start...


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites

I have not been able to do this with a UNC name, but have been able to do so by mapping a drive to the server. Something like the snippet below might work for you, if you'll be hitting the same machine often for your queries.

\\Server\Apps mapped to Z:

$var = InputBox( "", "Enter the directory" )
Run(@ComSpec & ' /c CACLS ' & $var & '> C:\CACLS.txt', "", @SW_HIDE)

This unfortunately gives you everything, both groups and individuals, but it may be a place to start...

That is brilliant, Thanks for that, that actually did the trick, after getting the list of all the groups i was able to isolate just the security groups.

I had to map to the folder first and recycle the drive letter on each new request.

DriveMapDel("X:")
$var = GUICtrlRead($path)
DriveMapAdd("X:", $var)
Sleep(2000)
Run(@ComSpec & ' /c CACLS ' & "x:" & '> C:\CACLS.txt', "", @SW_HIDE)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0