oldie bu goodie DumpSec , its free, will allow you to filter for specific user or group, and only dump sub folders/files that differ from root folder
http://www.systemtools.com/download/dumpacl.zip On Fri, Sep 10, 2010 at 10:01 AM, Pommerening, Jeremy <[email protected]> wrote: > Take a look at accessenum and shareenum and see if they'll do what you want. > They're part of the sysinternals tool suite. > > http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx > > > > Jeremy Pommerening > MGR, Information Security > Symbion, Inc. > GIAC - GCFA GPEN GAWN GCFW > GIAC Advisory Board Member > MCSE Win2K, MCSE NT4, > CompTia SERVER+, HP APS > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of k41zen Me > Sent: Friday, September 10, 2010 5:10 AM > To: PaulDotCom Security Weekly Mailing List > Subject: [Pauldotcom] WMIC guru's - come in! > > I need to conduct folder permissions audit on folders with specific names and > then check to make sure that a specific group is explicitly denied. > > I produced some powershell code to do that and was fairly happy: > > Get-Childitem -path S: -recurse -include *classified*,*sensitive*,restricted* > -exclude *notsensitive* | where { $_.Attributes -match "d" } | Get-Acl | > where { $_.AccessToString -notmatch "DOMAIN\\GROUP" } | select PSPath, > AccessToString | export-csv outputfilename.csv > > This works a treat until I realised that there are 140 remote locations where > I don't have powershell installed. Considering the time to get this deployed > and the latest Dave Kennedy/Josh Kelly work, this may not be the ideal > solution. I do have WMI to hand though. > > Before I begin to fry my brain with working out how to do this, has anyone > done something similar in WMIC? I know some of the commandlinekungfu kings > are on this list. > > Grateful for any help. > > k41zen > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > Disclaimer: The email and files transmitted with it are confidential and are > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the original recipient or the person responsible > for the delivering the email to the intended recipient, be advised that you > have received this email in error, and that any use, dissemination, > forwarding, printing or copying of this email is strictly prohibited. If you > received this email in error, please delete it from your system without > copying it, and notify the sender by reply email so that our address record > can be corrected. Thank you. Symbion, Inc. > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
