Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > How to get an ACL exception report

How to get an ACL exception report

Forum Windows 2000/NT : Windows 2000/NT General Discussion - How to get an ACL exception report

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   03-21-2005 at 11:18:40 PM

Archived from groups: microsoft.public.win2000.security (More info?)

 

I'm looking for a program that will summarize ACL settings on a directory
structure. I'd be happy with an option to use with XCACLS * /T that showed
only settings that are not inherited from a parent.

If I'm checking the security of a filesystem, it's impractical to check the
security of every single file -- and highly redundant, as most files simply
inherit ACLs from the parent folder. Yet any tool I've found lists ACLs in
excruciating detail, burying important differences in a mass of irrelevant
inherited data.

I'm sure such a tool exists somewhere. Heck, Novell had it years ago --
but then, their security structure was more efficient (;-/2).

/kenw
Ken Wallewein
K&M Systems Integration
Phone (403)274-7848
Fax (403)275-4535
kenw@kmsi.net
www.kmsi.net

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   03-21-2005 at 11:18:41 PM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

Dumpsec is a nifty free tool and it may be able to do what you want if you
check the options in the "permissions report options". Another tool to check
is fileacl. I don't know if it can do exactly what you want but it has a
myriad of options including a /noinherited switch for display mode. ---
Steve

http://www.systemtools.com/somarsoft/ -- Dumpsec
http://www.gbordier.com/gbtools/fileacl.htm -- Fileacl

<kenw@kmsi.net> wrote in message
news:5nvt31t921aheemkflp8f9027ibjv3vb88@4ax.com...
> I'm looking for a program that will summarize ACL settings on a directory
> structure. I'd be happy with an option to use with XCACLS * /T that
> showed
> only settings that are not inherited from a parent.
>
> If I'm checking the security of a filesystem, it's impractical to check
> the
> security of every single file -- and highly redundant, as most files
> simply
> inherit ACLs from the parent folder. Yet any tool I've found lists ACLs
> in
> excruciating detail, burying important differences in a mass of irrelevant
> inherited data.
>
> I'm sure such a tool exists somewhere. Heck, Novell had it years ago --
> but then, their security structure was more efficient (;-/2).
>
> /kenw
> Ken Wallewein
> K&M Systems Integration
> Phone (403)274-7848
> Fax (403)275-4535
> kenw@kmsi.net
> www.kmsi.net

Reply to Anonymous
Anonymous   03-23-2005 at 07:29:13 AM
- 0 +

Archived from groups: microsoft.public.win2000.security (More info?)

 

Those are great! Thanks!

They're still a little verbose, displaying redundant information, but a lot
better than the Microsoft blunt instruments.

/kenw


"Steven L Umbach" <n9rou@nospam-comcast.net> wrote:

>Dumpsec is a nifty free tool and it may be able to do what you want if you
>check the options in the "permissions report options". Another tool to check
>is fileacl. I don't know if it can do exactly what you want but it has a
>myriad of options including a /noinherited switch for display mode. ---
>Steve
>
>http://www.systemtools.com/somarsoft/ -- Dumpsec
>http://www.gbordier.com/gbtools/fileacl.htm -- Fileacl
>
><kenw@kmsi.net> wrote in message
>news:5nvt31t921aheemkflp8f9027ibjv3vb88@4ax.com...
>> I'm looking for a program that will summarize ACL settings on a directory
>> structure. I'd be happy with an option to use with XCACLS * /T that
>> showed
>> only settings that are not inherited from a parent.
>>
>> If I'm checking the security of a filesystem, it's impractical to check
>> the
>> security of every single file -- and highly redundant, as most files
>> simply
>> inherit ACLs from the parent folder. Yet any tool I've found lists ACLs
>> in
>> excruciating detail, burying important differences in a mass of irrelevant
>> inherited data.
>>
>> I'm sure such a tool exists somewhere. Heck, Novell had it years ago --
>> but then, their security structure was more efficient (;-/2).
>>
>> /kenw
>> Ken Wallewein
>> K&M Systems Integration
>> Phone (403)274-7848
>> Fax (403)275-4535
>> kenw@kmsi.net
>> www.kmsi.net
>

Ken Wallewein
K&M Systems Integration
Phone (403)274-7848
Fax (403)275-4535
kenw@kmsi.net
www.kmsi.net

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > How to get an ACL exception report
Go to:

There are 950 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.212 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
They won a badge
Join us in greeting them
How do I win badges?