I have scripted FindAcct.bat, which parses the output of CACLS for
the account or group you specify.
The usage syntax is:
FindAcct StartPath Account ReportFile
where:
StartPath | The starting folder or root. Examples: C: or "C:\Documents and Settings". |
Account | The account or group. Examples: Administrators or "JSIINC\Jerry". |
ReportFile | The full path to the file that contains the report. Example: "%TEMP%\FindAcct.txt". |
FindAcct.bat contains:
@echo off setlocal If \{%1\}\{\} goto syntax If \{%2\}
\{\} goto syntax If \{%3\}==\{\} goto syntax set from=%1 set from=%from:"=% set group=%2 set group=%group:"=% set report=%3 if exist %report% del /f /q %report% call :docacls %1 for /f "Tokens=*" %%i in ('dir "%from%" /B /AD /S') do call :docacls "%%i" endlocal goto :EOF :syntax @echo Syntax: FindAcct StartPath Account ReportFile endlocal goto :EOF :docacls set folder=%1 set folder=%folder:"=% for /f "Tokens=*" %%j in ('CACLS "%folder%"') do call :fndgrp "%%j" goto :EOF :fndgrp set work=%1 set work=%work:"=% set perm=%work% for /f "Tokens=*" %%k in ('@echo %%work:%group%^=%%') do set work="%%k" if %work% EQU "%perm%" goto :EOF set perm=%perm% # set perm=%perm:~0,50% @echo %perm% "%folder%">>%report%
0 comments
Hide comments