I have scripted FindAcct.bat, which parses the output of CACLS for
the account or group you specify.
The usage syntax is:
FindAcct StartPath Account ReportFile
where:
| StartPath | The starting folder or root. Examples: C: or "C:\Documents and Settings". |
| Account | The account or group. Examples: Administrators or "JSIINC\Jerry". |
| ReportFile | The full path to the file that contains the report. Example: "%TEMP%\FindAcct.txt". |
FindAcct.bat contains:
@echo off
setlocal
If \{%1\}\{\} goto syntax
If \{%2\}
\{\} goto syntax
If \{%3\}==\{\} goto syntax
set from=%1
set from=%from:"=%
set group=%2
set group=%group:"=%
set report=%3
if exist %report% del /f /q %report%
call :docacls %1
for /f "Tokens=*" %%i in ('dir "%from%" /B /AD /S') do call :docacls "%%i"
endlocal
goto :EOF
:syntax
@echo Syntax: FindAcct StartPath Account ReportFile
endlocal
goto :EOF
:docacls
set folder=%1
set folder=%folder:"=%
for /f "Tokens=*" %%j in ('CACLS "%folder%"') do call :fndgrp "%%j"
goto :EOF
:fndgrp
set work=%1
set work=%work:"=%
set perm=%work%
for /f "Tokens=*" %%k in ('@echo %%work:%group%^=%%') do set work="%%k"
if %work% EQU "%perm%" goto :EOF
set perm=%perm% #
set perm=%perm:~0,50%
@echo %perm% "%folder%">>%report%
0 comments
Hide comments
