|
Posted by Roger Abell [MVP] on January 6, 2007, 8:06 pm
Please log in for more thread options > Roger, have you tried icacls in Vista? It has a number of bugs in it, but
> also shows some promise.
>
No I have not, at least that is not against what I find the most
problematic, which is storage that has been existing since NT 4
and so seen a few changes in ACE flag semantics.
That is a good idea to test it out though, so I will watch for
an opportunity.
Roger
> "Roger Abell [MVP]" wrote:
>
>> I have yet to find any scriptable tool that can reliably do the detection
>> of inherited or not on storage that has had an arbitrary history.
>>
>> See thread begun December 20, 2006 1:47 PM with subject
>> Enum only files/folders where explicit NTFS rights have been sette
>> in microsoft.public.security
>> for list of other tools that have been tried and found lacking
>>
>> > Hi guys
>> >
>> > Looking for an easy to use tool (prferably one that is scriptable)
>> > which
>> > can walk through all folders, shares (and all directory objects, too -
>> > a
>> > guy can wish can't he?) so that I can rapidly discover those files with
>> > an
>> > unknown/broken SID or explicitly granted permissions whcih are always
>> > buried 3 folders deep in SYSVOL or docs&sets/administrator/localsetting
>> > s/foo, which were put there because the previous admin needed to do a
>> > quick workaround or just plain didn't appreciate what a pain it would
>> > be
>> > for the next guy to figure out where all these goodies are stashed.
>> >
>> > TreeSize Pro 4 sort of does this, but I don't know if it is scriptable,
>> > and it just groups files by user (and lumps all nameless users under
>> > one
>> > big 'unknown' category) - it doesn't address the inheritance-explicit
>> > permissions issue.
>> >
>> > Any ideas are welcome
>> >
>> > Rob
>>
>>
>>
| 
XML Sitemap