I’m once again having trouble piecing together some code…I’ve been studying the forum entries for a while and have come up something that works, but doesn’t give me everything I would like to see so I’m hoping someone can tell me what i’m missing. here is what I stole from a couple other threads (Thanks to those who contributed, hopefully you recognize the code and know who you are ):
q: (account name of trustee of it & " - " & (if (generic read permission of it OR read permission of it) then “R” else “”) & (if (generic write permission of it OR write permission of it) then “W” else “”) & (if (generic execute permission of it OR execute permission of it) then “E” else “”)) of entries whose (exists generic read permission of it OR read permission of it OR generic write permission of it OR write permission of it OR generic execute permission of it OR execute permission of it) of dacl of security descriptor of network shares
A: Administrators - RWE
A: SYSTEM - RWE
T: 21.788 ms
This is awesome, except that it doesn’t tell me what network share it is. I need to see the share name and the group with its permission. Can someone help me do this. I would greatly appreciate it. Thank you.
Q: (name of it, path of it, (if (not exists entries of dacls of security descriptors of it) then “n/a” else ((trustee of it as string & “:” & (if ( read permission of it) then “R” else “”) &(if ( write permission of it) then “W” else “” ) &(if ( execute permission of it) then “E” else “” ) &(if ( set value permission of it) then “F” else “” )) of entries of dacls of security descriptors of it))) of network shares whose ((name of it != “IPC$”) AND (name of it != “ADMIN$”) AND (name of it != “C$”) AND (name of it != “D$”) AND (name of it != “E$”) AND (name of it != “F$”) AND (name of it != “G$”) AND (name of it != “H$”) AND (name of it != “I$”))
One more question. Is there a way to also have it pull the permissions for the result of “path of it”?? so that I can see the network share permissions and the ntfs permissions on the folder itself? Thanks.
So far I have come up with this to compare the network share path to the path of a folder:
q: (pathnames of descendant folders of folder “c:” as lowercase) whose (exists (it, (paths of network shares as lowercase) ) whose (item 0 of it is item 1 of it))
Now I need to figure out how to combine this with:
(name of it, path of it, (if (not exists entries of dacls of security descriptors of it) then “n/a” else ((trustee of it as string & “:” & (if ( read permission of it) then “R” else “”) &(if ( write permission of it) then “W” else “” ) &(if ( execute permission of it) then “E” else “” ) &(if ( set value permission of it) then “F” else “” )) of entries of dacls of security descriptors of it))) of network shares
to give me permissions for the folder the share references. Hopefully someone comes along that knows a better way to do this or can help me figure it out before I begrudgingly remove all my hair. Thanks in advance
q: (if ((not exists entries of dacls of security descriptors of it) then “n/a” else ((trustee of it as string & “:” & (if ( read permission of it) then “R” else “”) &(if ( write permission of it) then “W” else “” ) &(if ( execute permission of it) then “E” else “” ) &(if ( set value permission of it) then “F” else “” )) of entries of dacls of security descriptors of it)of descendant folders whose(pathnames of descendant folders of folder “c:” as lowercase) whose (exists (it, (paths of network shares as lowercase) ) whose (item 0 of it is item 1 of it))))
I came up with this, and it runs with no errors, but after an hour I had to kill it so I could go home lol.
q: (pathname of it, (if (not exists entries of dacls of security descriptors of it) then “n/a” else ( ( trustee of it as string & “:” & (if ( read permssion of it) then “R” else “”) & (if (write permission of it) then “W” else “”) & (If ( execute permission of it) then “E” else “”) & (if (set value permission of it) then “F” else “”))) of entries of dacls of security descriptors of it)) of descendant folders whose (exists (pathnames of descendant folders of folder “c:” as lowercase) whose (exists (it,(paths of network shares as lowercase)) whose (item 0 of it is item 1 of it))) of folder “c:”
anyone got an idea of how to do this more efficiently so it will actually complete? Thanks