Looking for a tool

Discussion in 'Server Security' started by Mike Matheny, Mar 4, 2009.

  1. Mike Matheny

    Mike Matheny Guest

    That will let me enter a wildcard and search for any permissions that are
    used by that user. I need to be able to enter a domain name then a
    wildcard, i.e. domain\* and have it search my filesystem looking for any
    permissions that are applied from anyone in the domain I specify.
     
    Mike Matheny, Mar 4, 2009
    #1
    1. Advertisements

  2. Does "CACLS * /C" at the Command Prompt do what you want?

    Paul
     
    Paul Baker [MVP, Windows Desktop Experience], Mar 4, 2009
    #2
    1. Advertisements

  3. Mike Matheny

    Mike Matheny Guest

    I need to find all permissions on a server file system that are from a
    certain domain, i.e. abc\* - cacls can't do this. I'm currently running
    dumpsec, exporting to a CSV, importing into Access, filtering, finding
    unique. All this to boil down 1.6 million permisions to 5! There's got to be
    a better way!!

    --
    Mike
    "Paul Baker [MVP, Windows Desktop Experience]"
     
    Mike Matheny, Mar 6, 2009
    #3
  4. There probably is, but not much more without writing your own application!

    Yes, you would have to filter the output of CACLS in much the same way. And
    it's not even in an easily parseable format.

    Log Parser will allow you to run a SELECT SQL statement on a CSV file
    without having to import it into Access:
    http://www.microsoft.com/downloads/...6b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en

    Peronally, I am a bit worried about the maintainability and therefore long
    term security of access controls this complicated.

    Paul

     
    Paul Baker [MVP, Windows Desktop Experience], Mar 6, 2009
    #4
  5. Mike Matheny

    Mike Matheny Guest

    This is for a one-time migration - we have several trusts set up, and we
    need to give a report on what outside accounts have access to our file
    servers. And CACLS dies on long path names.

    --
    Mike
    "Paul Baker [MVP, Windows Desktop Experience]"
     
    Mike Matheny, Mar 12, 2009
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.