(imported topic written by Security_admin)
(imported comment written by Tim.Rice)
Might not get you exactly what you are looking for … but on a Windows Client …
Q: Security Descriptor of <file|folder> “C:\somefileorfolder”
Because the client doesn’t have direct access to AD, what you get back are SID’s and the access rights assigned to them. Someone else might be able to help with expanding this to further lookup the SID’s and return a username.
(imported comment written by SecurityMG)
From another post…
(pathname of it, owner of security descriptor of it, creation time of it) of it of files whose (now - modification time of it < 24*day and ((name of it as lowercase ends with “.exe”) or (name of it as lowercase ends with “.sys”) or (name of it as lowercase ends with “.dll”) or (name of it as lowercase ends with “.ocx”))) of (system x64 folder; descendant folders of system x64 folder)
You will only get the owner group, not the user as that is in Active Directory. The descriptor you would have to convert to be meaningful.
MG