OFL is a freeware utility that will list files on the specified Server which have been opened via a network connection.
"The user running this utility must be either an Operator or an Administrator. Usage/Help: ----------- usage: ofl \[-cDdfhv?\] \[-s Server\] \[-u User\] \[file\] Options: c - Close each open file listed. D - Display additional file information. d - Detail. f - Force close of all files, (no confirmation required). h - Help, (this). ? - Usage. s - Specify a Server for which to list open files. u - Specify a User for which to list open files. v - Display version information. file - The open file(s) to list. If no User is specified, then open files are listed for all users. If no Server is specified, then open files are listed on the local Server. If no file is specified, then all files are listed. Wildcards, "*" and "?", may be used. Matching is not case-sensitive, but it only applies to file names. If you specify a path as part of the file name, then you must specify the entire path. If the "-c" option is specified without a file name or filter, a warning will be issued to the console and confirmation will be required, unless the "-f", Force, option has also been specified, or standard input has been redirected. The "-d" option displays detailed information including the Network File ID, the Permissions with which the file has been opened, the User Name of the user holding the file open and the File Name. The Network File ID is displayed in hexadecimal. The "-D" option displays additional file information including the file's attributes, size and last write time, as well as the same information displayed by the "-d" option. Usage examples: --------------- ofl ofl -d ofl -D ofl -s \\myserver ofl -u someuser ofl -cu somepooruser ofl -cfu somepooruser ofl -cfu somepooruser \PIPE\* ofl -cdfu somepooruser -s \\myserver etc. Output: ------- If ofl is invoked with no operands, each network opened file is listed along with the user holding the file. For example: rxsh ++D:\Dev\Utilities\ofl>ofl \PIPE\merxpipe_test bill Y:\Users\local\bin bill "Z:\Disk1\Foo Bar Baz" bill With the "-d", Detail, option, each network opened file is listed along with the network file id, the access permissions for the file, the lock count for the file, the user holding the file and the name of the file. Finally, a summary count of the listed files is presented. For example: rxsh ++D:\Dev\Utilities\ofl>ofl -d FILEID PERM LOCK USER FILE 7 RW---A-- 0 bill \PIPE\merxpipe_test 8 ---X---- 0 bill Y:\Users\local\bin 13a ---X---- 0 bill "Z:\Disk1\Foo Bar Baz" 1d5 R------- 0 bill D:\Vss\Data\loggedin\bill.log 4 open files found. The FILEID value is the Network File ID assigned to the opened file. The Permissions for the opened file are a little odd. The Win32 API has only three possible values defined: READ, WRITE and CREATE. However, in examining the values returned, it appears that there are actually eight possible values: READ, WRITE, CREATE, EXECUTE, DELETE, ATRIB, PERM and GROUP. The meaning of some of those values is obvious, but I can only guess at what ATRIB, PERM and GROUP mean. I expect that they indicate permission to change the attributes of the given file, permission to change the permissions, (i.e. the DACL), of the given file and, perhaps, Group access to the given file, respectively. I really have no idea about the GROUP value, though, and, again, this is only a guess; values other than READ, WRITE and CREATE are not apparently documented. Also, it appears to me that these permissions reflect the level of access that was *requested* and not, necessarily, the level of access that the given user actually has to the file. The LOCK value is the lock count on the opened file. The USER value is the user name holding the file open. The FILE value is the name of the file. With the "-D" option, additional information is displayed. The amount of information requires two lines per file: rxsh ++E:\Dev\Utilities\ofl>ofl -D FILEID PERM ATTRIB LOCK LASTWRITETIME FILESIZE USER -------- -------- ------ ---- ---------------- ------------ ------------ 174 RW---A-- ----AC 0 1994-02-12 03:19 14361 bill D:\Disk1\Foo1.txt 175 RW---A-- ----AC 0 1994-02-09 07:59 9110 bill D:\Disk1\Foo2.txt 176 RW---A-- ----AC 0 1994-02-19 20:10 66170 bill D:\Disk1\Foo3.txt 177 RW---A-- ----AC 0 1991-11-16 17:38 88523 bill D:\Disk1\Foo4.txt 178 RW---A-- ----AC 0 1990-02-23 21:45 23552 bill "D:\Disk1\FooBar File5.txt" 5 open files found. The FILEID, PERM, LOCK and USER fields are exactly as displayed with the "-d" option. Additionally: ATTRIB displays the file's attributes: Hidden, Readonly, System, Temporary, Archive and/or Compressed. Of course, the Compressed value will only be set for files on an NTFS volume. LASTWRITETIME is the last write time stamp for the file. FILESIZE is the size of the file, in bytes. If the file is a Directory, then this field will contain the string "\[DIR\]". The second line of each display contains the file name. The name may appear in quotes, if it contains blanks. One final note: The FILEID value in the "-d" and "-D" option outputs is a hexadecimal value. Installation: ------------- Installation is simple; just copy the file into a directory listed in the %Path% Environment variable. The distribution also includes debug symbols. This file should be copied into %SystemRoot%\Symbols\Exe, in order for ntsd, (or windbag, I guess), to find it. Note that the .DBG symbol file is needed only if you want to run the program under a debugger such as ntsd. The file is not needed for any other reason than to make the internal symbols available to the debug program."