Dumpsec/dumpacl has some good command-line options that you may or may not know about, if you're up for a bit of batch scripting. However I also think fileacl is very good for this as others have recommended, duly seconded.
On 04/01/2008, Ziots, Edward <[EMAIL PROTECTED]> wrote: > > I know about dumpacl, but need it on an automated fashion, and need to > be able to restore the permissions quickly back to a previous version > accordingly. I am usually dealing with complex permissions structures of > TB's of data, so getting things back the way it need to be quick is very > important. > > Z > > -----Original Message----- > From: Erik Goldoff [mailto:[EMAIL PROTECTED] > Sent: Friday, January 04, 2008 11:29 AM > To: NT System Admin Issues > Subject: RE: Documentation, Restore and snapshoting of Server > permissions software question > > Used to be a utility called DumpACL, maybe now called DumpSec that may > help... Not sure if it is as 'powerful' as you want but is still good > for > documenting for recovery and audits > > -----Original Message----- > From: Ziots, Edward [mailto:[EMAIL PROTECTED] > Sent: Friday, January 04, 2008 11:04 AM > To: NT System Admin Issues > Subject: Documentation, Restore and snapshoting of Server permissions > software question > > > To the list, > > After much angst and nagging, I have been given the go ahead to take a > look > into software that will do the following. For those with experience in > using > software to cover these areas and others, please feel free to chime in > what > has worked well for you and your staffs. > > I need the software to do the following. > > 1) Snapshot the NTFS/Share permissions on a server by server basis over > time, to assist in recovery if my helpdesk etc etc steps on the > permissions > and causes issues with the servers. ( I believe Scriptlogic and > Security > Explorer and a few others in this realm I have seen but not played with > personally) > > 2) Eventlog management tools to track, alert, manage and archive logs to > a > SQL Database or other remote medium for auditing and compliance. I can > see > this with both Agent based and non-agent based deployments. ( GFI, SMS, > MOM, > Configuresoft, Netpro, Quest, etc etc?) I am looking to track the > following: > AD changes, modifications, down to an attribute level, server permission > changes, additions, deletes at the file and folder level, with a nice > reporting mechanism accordingly, to get proactive with this) ( Also its > an > internal audit recommendation) > > Feel free to chime in on the good/bad/ugly of the situation. > > Z > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.17.13/1209 - Release Date: > 1/4/2008 > 12:05 PM > > > No virus found in this outgoing message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.17.13/1209 - Release Date: > 1/4/2008 > 12:05 PM > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > -- James Rankin Tel: +44 7902 193912 ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
