You can use FILEACL remotely, though, so...
*ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp <http://www.wisestamp.com/email-install> On Wed, Aug 18, 2010 at 9:01 AM, Ben Scott <[email protected]> wrote: > On Wed, Aug 18, 2010 at 6:40 AM, Andrew S. Baker <[email protected]> > wrote: > > You could look at FILEACL (3rd party) and ICACLS (native Vista+/2008+) > for > > listing NTFS permissions on files and other structures. SUBINACL is > another > > option. > > FILEACL is the best one I've found so far because it will easily > list only direct (not inherited) ACEs. That's generally what I'm > interested in. I find this idiom very useful: > > FILEACL C:\ /SUB /FILES /LINE /NOINHERITED > C:\ACL_report.txt > > Also, FILEACL can set fine-grained Audit ACLs (SACL/AACE), albeit > only with SDDL syntax. > > I haven't been able to find a way to do either of those with any of: > CACLS, XCACLS (EXE), XCACLS (VBS), SUBINACL, ICACLS. Which is > frustrating, because for certain computers, I practically need a > signed note from God to use FILEACL. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
