I have scripted UserPerms.bat to generate a csv file of folders that have user permissions instead of group permissions.
The format of the csv file is:
"Domain\UserName","Folder Path"
"LocalComputer\UserName","Folder Path"
The syntax for using UserPerms.bat is:
UserPerms "Drive:\Folder" "ReportFile"
Where:
"Drive:\Folder" is the starting folder path, like C: or C:\Users. "ReportFile" is the fully qualified name of the csv file to generate.UserPerms.bat contains:
@echo off
setlocal ENABLEDELAYEDEXPANSION
IF \{%1\}\{\} GOTO bad
IF NOT EXIST %1 GOTO bad
IF \{%2\}
\{\} goto bad
set pf=%1
set pf=%pf:"=%#
set pf=%pf:\#=%
set pf=%pf:#=%
set report=%2
set f1=findstr "%USERDOMAIN%\ %ComputerName%\"
set f2=findstr /V /L /G:"%TEMP%\UserPerms.tmp"
if exist %report% del /q %report%
if exist "%TEMP%\UserPerms.tmp" del /q "%TEMP%\UserPerms.tmp"
for /f "Tokens=*" %%a in ('net group /domain^|find "*"') do (
set wrk=%%a
set grp="%USERDOMAIN%\!wrk:~1!"
@echo !grp!>>"%TEMP%\UserPerms.tmp"
)
for /f "Tokens=*" %%a in ('net localgroup^|find "*"') do (
set wrk=%%a
set grp="%ComputerName%\!wrk:~1!"
@echo !grp!>>"%TEMP%\UserPerms.tmp"
)
call :parse "%pf%"
for /f "Tokens=*" %%a in ('dir /s /b /a /ad "%pf%"') do (
call :parse "%%a"
)
if exist "%TEMP%\UserPerms.tmp" del /q "%TEMP%\UserPerms.tmp"
endlocal
goto :EOF
:parse
set obj=%1
set w1=%obj:"=%
set w1=!w1:^)=!
set w1=!w1:^(=!
set w1=!w1:^&=!
for /f "Tokens=*" %%x in ('cacls %obj%^|%f1%^|%f2%') do (
set w0=%%x
set w0=!w0:^)=!
set w0=!w0:^(=!
set w0=!w0:^&=!
if "!w0:~1,1!" EQU ":" call set w0=!w0:%w1% =!
for /f "Tokens=1* Delims=:" %%y in ('@echo !w0!^%f1%^|find /i /v "ECHO is o"') do (
set w2=%%y
call set w2=!w2:%w0% =!
@echo "!w2!",%obj%>>%report%
)
)
goto :EOF
:bad
@echo Usage: UserPerms "Drive:\Folder" "ReportFile"
@echo.
endlocal
0 comments
Hide comments
