Sorry I should have said, in true Ed style I want to be able to use built in tools.
On 10 Sep 2010, at 16:32, Bugbear <[email protected]> wrote: > oldie bu goodie > > DumpSec , its free, will allow you to filter for specific user or > group, and only dump sub folders/files that differ from root folder > > http://www.systemtools.com/download/dumpacl.zip > > > > On Fri, Sep 10, 2010 at 10:01 AM, Pommerening, Jeremy > <[email protected]> wrote: >> Take a look at accessenum and shareenum and see if they'll do what you want. >> They're part of the sysinternals tool suite. >> >> http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx >> >> >> >> Jeremy Pommerening >> MGR, Information Security >> Symbion, Inc. >> GIAC - GCFA GPEN GAWN GCFW >> GIAC Advisory Board Member >> MCSE Win2K, MCSE NT4, >> CompTia SERVER+, HP APS >> >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of k41zen Me >> Sent: Friday, September 10, 2010 5:10 AM >> To: PaulDotCom Security Weekly Mailing List >> Subject: [Pauldotcom] WMIC guru's - come in! >> >> I need to conduct folder permissions audit on folders with specific names >> and then check to make sure that a specific group is explicitly denied. >> >> I produced some powershell code to do that and was fairly happy: >> >> Get-Childitem -path S: -recurse -include >> *classified*,*sensitive*,restricted* -exclude *notsensitive* | where { >> $_.Attributes -match "d" } | Get-Acl | where { $_.AccessToString -notmatch >> "DOMAIN\\GROUP" } | select PSPath, AccessToString | export-csv >> outputfilename.csv >> >> This works a treat until I realised that there are 140 remote locations >> where I don't have powershell installed. Considering the time to get this >> deployed and the latest Dave Kennedy/Josh Kelly work, this may not be the >> ideal solution. I do have WMI to hand though. >> >> Before I begin to fry my brain with working out how to do this, has anyone >> done something similar in WMIC? I know some of the commandlinekungfu kings >> are on this list. >> >> Grateful for any help. >> >> k41zen >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> >> Disclaimer: The email and files transmitted with it are confidential and are >> intended solely for the use of the individual or entity to whom they are >> addressed. If you are not the original recipient or the person responsible >> for the delivering the email to the intended recipient, be advised that you >> have received this email in error, and that any use, dissemination, >> forwarding, printing or copying of this email is strictly prohibited. If >> you received this email in error, please delete it from your system without >> copying it, and notify the sender by reply email so that our address record >> can be corrected. Thank you. Symbion, Inc. >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
