Looking for a tool

That will let me enter a wildcard and search for any permissions that are
used by that user. I need to be able to enter a domain name then a
wildcard, i.e. domain\* and have it search my filesystem looking for any
permissions that are applied from anyone in the domain I specify.

--
Mike

Does "CACLS * /C" at the Command Prompt do what you want?

Paul

"Mike Matheny" <> wrote in message
news:...
> That will let me enter a wildcard and search for any permissions that are
> used by that user. I need to be able to enter a domain name then a
> wildcard, i.e. domain\* and have it search my filesystem looking for any
> permissions that are applied from anyone in the domain I specify.
>
> --
> Mike
>

I need to find all permissions on a server file system that are from a
certain domain, i.e. abc\* - cacls can't do this. I'm currently running
dumpsec, exporting to a CSV, importing into Access, filtering, finding
unique. All this to boil down 1.6 million permisions to 5! There's got to be
a better way!!

--
Mike
"Paul Baker [MVP, Windows Desktop Experience]"
<> wrote in message
news:%...
> Does "CACLS * /C" at the Command Prompt do what you want?
>
> Paul
>
> "Mike Matheny" <> wrote in message
> news:...
>> That will let me enter a wildcard and search for any permissions that are
>> used by that user. I need to be able to enter a domain name then a
>> wildcard, i.e. domain\* and have it search my filesystem looking for any
>> permissions that are applied from anyone in the domain I specify.
>>
>> --
>> Mike
>>
>
>

There probably is, but not much more without writing your own application!

Yes, you would have to filter the output of CACLS in much the same way. And
it's not even in an easily parseable format.

Log Parser will allow you to run a SELECT SQL statement on a CSV file
without having to import it into Access:
http://www.microsoft.com/downloads/d...displaylang=en

Peronally, I am a bit worried about the maintainability and therefore long
term security of access controls this complicated.

Paul

"Mike Matheny" <> wrote in message
news:...
>I need to find all permissions on a server file system that are from a
>certain domain, i.e. abc\* - cacls can't do this. I'm currently running
>dumpsec, exporting to a CSV, importing into Access, filtering, finding
>unique. All this to boil down 1.6 million permisions to 5! There's got to
>be a better way!!
>
> --
> Mike
> "Paul Baker [MVP, Windows Desktop Experience]"
> <> wrote in message
> news:%...
>> Does "CACLS * /C" at the Command Prompt do what you want?
>>
>> Paul
>>
>> "Mike Matheny" <> wrote in message
>> news:...
>>> That will let me enter a wildcard and search for any permissions that
>>> are used by that user. I need to be able to enter a domain name then a
>>> wildcard, i.e. domain\* and have it search my filesystem looking for any
>>> permissions that are applied from anyone in the domain I specify.
>>>
>>> --
>>> Mike
>>>
>>
>>
>
>

This is for a one-time migration - we have several trusts set up, and we
need to give a report on what outside accounts have access to our file
servers. And CACLS dies on long path names.

--
Mike
"Paul Baker [MVP, Windows Desktop Experience]"
<> wrote in message
news:%...
> There probably is, but not much more without writing your own application!
>
> Yes, you would have to filter the output of CACLS in much the same way.
> And it's not even in an easily parseable format.
>
> Log Parser will allow you to run a SELECT SQL statement on a CSV file
> without having to import it into Access:
> http://www.microsoft.com/downloads/d...displaylang=en
>
> Peronally, I am a bit worried about the maintainability and therefore long
> term security of access controls this complicated.
>
> Paul
>
> "Mike Matheny" <> wrote in message
> news:...
>>I need to find all permissions on a server file system that are from a
>>certain domain, i.e. abc\* - cacls can't do this. I'm currently running
>>dumpsec, exporting to a CSV, importing into Access, filtering, finding
>>unique. All this to boil down 1.6 million permisions to 5! There's got to
>>be a better way!!
>>
>> --
>> Mike
>> "Paul Baker [MVP, Windows Desktop Experience]"
>> <> wrote in message
>> news:%...
>>> Does "CACLS * /C" at the Command Prompt do what you want?
>>>
>>> Paul
>>>
>>> "Mike Matheny" <> wrote in message
>>> news:...
>>>> That will let me enter a wildcard and search for any permissions that
>>>> are used by that user. I need to be able to enter a domain name then a
>>>> wildcard, i.e. domain\* and have it search my filesystem looking for
>>>> any permissions that are applied from anyone in the domain I specify.
>>>>
>>>> --
>>>> Mike
>>>>
>>>
>>>
>>
>>
>
>