Using only standard commands, I have scripted SharedFolderPerms.bat to report the NTFS folder permissions
on a computer's shared folders.
The syntax for using SharedFolderPerms.bat is:
SharedFolderPerms \[/$\] \[/S\]
Where /$ is an optional parameter that will enumerate hidden shares, and /S is an optional parameter that will report sub-folder permissions.
The report is generated in a SharedFolderPerms.log file which is created in the current folder.
NOTE: See When I query the ACL of an object with CACLS, what does the (OI), (IO), (CI), and (NP) mean?
SharedFolderPerms.bat contains:
@echo off setlocal if exist SharedFolderPerms.log del /q SharedFolderPerms.log set exclude=Y set subs=N if /i \{%1\} EQU \{/$\} set exclude=N if /i \{%1\} EQU \{/S\} set subs=Y if /i \{%2\} EQU \{/$\} set exclude=N if /i \{%2\} EQU \{/S\} set subs=Y for /f "Tokens=1*" %%a in ('net share ^|FINDSTR /I /L /C:":"') do ( call :parse1 %%a "%%b" ) endlocal goto :EOF :parse1 set shr=%1 set fld=%2 if "%fld:~2,2%" NEQ ":\" goto :EOF if "%exclude%" EQU "N" goto parse2 set wrk=%shr:$=% if "%wrk%" NEQ "%shr%" goto :EOF :parse2 set wrk=%fld: =% if %wrk% EQU %fld% goto parse4 set /a pos=0 :parse3 set /a pos=%pos% + 1 call set char=%%fld:~%pos%^,2%% if "%char%" NEQ " " goto parse3 call set fld=%%fld:~0,%pos%%%" set fld=%fld:\"="% :parse4 set fld=%fld:\"="% set /a pos=%pos% - 1 if %pos% EQU 3 call set fld=%fld:~1,2%@echo Share=%shr%,Folder=%fld%>>SharedFolderPerms.log cacls %fld% >>SharedFolderPerms.log if "%subs%" EQU "N" goto parse5 for /f "Tokens=*" %%f in ('dir %fld% /b /s /ad') do ( cacls "%%f" >>SharedFolderPerms.log ) :parse5 @echo ______________________________________>>SharedFolderPerms.log
0 comments
Hide comments