[Pauldotcom] Auditing Folder Permissions on Windows

Jeremy Pommerening theaudioman at yahoo.com
Fri Mar 4 21:25:15 UTC 2011


shareenum and accessenum  both available on the technet site.

http://technet.microsoft.com/en-us/sysinternals/bb897442
http://technet.microsoft.com/en-us/sysinternals/bb897332

Jeremy Pommerening

CISSP,GCFA,GPEN,GAWN,GCFW,

MCSE Win2K, MCSE NT4

--- On Fri, 3/4/11, Zate <zate75 at gmail.com> wrote:

From: Zate <zate75 at gmail.com>
Subject: [Pauldotcom] Auditing Folder Permissions on Windows
To: "PaulDotCom Security Weekly Mailing List" <pauldotcom at mail.pauldotcom.com>
Date: Friday, March 4, 2011, 7:18 AM

So here is my issue.
I am having to basically output the ACL's (ie user/group and it's permissions) for about 9 shares on our network.  So in the form of \\server\place\folder

i need to know the ACL on every folder under that top one to tell if it's changed from what it should be.
so far I've tried doing it in perl and in ruby, both run into some limitations with the sheer number of folders or with dealing with the depth of recursion.

tried it in Powershell, hits a limit in the length of the folder names.
Any tools out there that do this stuff?  This is kind of centered around SOX reporting, so I am sure I am not the only one trying to do this.  

Ideas?
thanks.
Zate



-----Inline Attachment Follows-----

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20110304/d32051a9/attachment.htm>


More information about the Pauldotcom mailing list