I need to conduct folder permissions audit on folders with specific names and
then check to make sure that a specific group is explicitly denied.
I produced some powershell code to do that and was fairly happy:
Get-Childitem -path S: -recurse -include *classified*,*sensitive*,restricted*
-exclude *notsensitive* | where { $_.Attributes -match “d” } | Get-Acl | where
{ $_.AccessToString -notmatch “DOMAIN\\GROUP” } | select PSPath, AccessToString
| export-csv outputfilename.csv
This works a treat until I realised that there are 140 remote locations where I
don't have powershell installed. Considering the time to get this deployed and
the latest Dave Kennedy/Josh Kelly work, this may not be the ideal solution. I
do have WMI to hand though.
Before I begin to fry my brain with working out how to do this, has anyone done
something similar in WMIC? I know some of the commandlinekungfu kings are on
this list.
Grateful for any help.
k41zen
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
