Hi Aeham, I don't think I know of any case that this has been tried.
Karl On Fri, Sep 9, 2016 at 11:23 AM, Aeham Abushwashi < [email protected]> wrote: > Hello, > > I normally crawl Windows file shares with the (smb) shared drive connector > and jcifs and this works pretty well. I’m now in a situation where I need > to crawl a couple of file servers where different shares and subdirectories > are configured with different sets of permissions and I need to do this > without access to admin accounts! > In other words looking for a way to ‘legitimately’ bypass permission > checking (yes, I know how that sounds). > > One option I’ve explored relies on the use of the Backup Operators group. > Membership of this group allows an account to read files without > file/directory level permissions. However, as far as I can tell there are > two restrictions 1) this only works if the software is reading local files > and 2) the client application needs to make an explicit Win32 API call with > a specific parameter in order for permission checking to be bypassed > (assuming of course the account is a member of Backup Operators). > > Has anyone encountered this problem before? > > Many thanks, > Aeham >
