Category: | NT Admin |
Author/Contact Info | OzzyOsbourne |
Description: | Uses File::Find and Win32::FileSecurity to dump file permissions to a text file on shares that you specify. Usage code.pl {share} {outputlog} Output:server(tab)share(tab)account(tab)permission1(tab)permission2(tab)...(enter) If the account does not have a permission, the script double tabs, for easy visual inspection. By importing the resultant tab-delimited log into a spreadsheet program, you can sort by account(colC), then share(colB), then server(colA), to very simply compare directory rights across your file and prints. Thanks to Tyke. |
use strict; use Win32::FileSecurity qw(Get EnumerateRights); use File::Find; my $share=$ARGV[0]; my $out=$ARGV[1]; my ($name,$mask,@rights,%hash,$server,%rights2,@folders,$subfolder,$se +rvsplit,$subsplit,$right,$item); my @servers=('SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','S +ERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERV +ERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERX +X'); @servers=map ("//$_/$share",@servers); my @rightsmatch=('DELETE','READ_CONTROL','WRITE_DAC','WRITE_OWNER','SY +NCHRONIZE','STANDARD_RIGHTS_REQUIRED','STANDARD_RIGHTS_READ','STANDAR +D_RIGHTS_WRITE','STANDARD_RIGHTS_EXECUTE','STANDARD_RIGHTS_ALL','SPEC +IFIC_RIGHTS_ALL','ACCESS_SYSTEM_SECURITY','MAXIMUM_ALLOWED','GENERIC_ +READ','GENERIC_WRITE','GENERIC_EXECUTE','GENERIC_ALL','FULL','READ',' +CHANGE'); open (OUT, ">$out") or die "can't open log file!"; foreach $server( @servers ) { print "$server\n"; @folders=''; find(\&wanted, $server); foreach $subfolder (@folders){ print "\t:$subfolder\n"; next unless -e $subfolder ; if ( Get( $subfolder, \%hash ) ) { while( ($name, $mask) = each %hash ) { ($servsplit,$servsplit,$servsplit,$subsplit)=split(/\//,$subfo +lder,4); print OUT "$servsplit\t$subsplit\t$name\t"; EnumerateRights( $mask, \@rights ) ;#creates @rights, a list o +f rights for the account %rights2=(); foreach $right (@rights){ $rights2{$right} = 1; } foreach $item (@rightsmatch){ if (exists $rights2{$item}){ print OUT "$item\t"; }else{ print OUT "\'\t"; } } print OUT "\n"; } } else { print( "Error #", int( $! ), ": $!" ) ; } } } close OUT; sub wanted { if (-d){ push @folders, "$File::Find::dir/$_"; } } |
Back to
Code Catacombs