0

Active Directory and WMI: VBscript to enumerate the ntfs rights of a given UNC path

Posted October 20th, 2010 in ntfsrights and tagged , , , , , , , , , , , , , , by dirk adamsky

Last weeks I haven’t done much scripting (lack of inspiration, bad weather, etc.).
But today I finished a script that I wanted to make for quite some time.
The script enumerates the NTFS rights (to be more precisely a subset of the possible NTFS rights: read, change and full-control) of a given UNC path.
What the script does:

  • ask for a UNC path
  • split the UNC path and put the substrings in an array
  • make a wmi connection to the target server
  • find the absolut path of the share
  • enumerate the acl’s
  • close the used objects

Follow the next steps to run the script (admin rights needed for the WMI connection):

  • copy and paste the script in your favorite text editor
  • save the script (for example c:tempuncacl.vbs)
  • open a command prompt
  • go to “c:temp”
  • give “cscript uncacl.vbs” (without quotes) and enter

The script:

' Name : uncacl.vbs
' Description : script to enumerate the ntfs rights of a given UNC path
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 20-10-2010

strUNCPathName = InputBox("please supply the UNC path to the shared folder")
arrUNC = split(strUNCPathName,"")
If Ubound(arrUNC) > 3 Then
	strRightPartOfPath = Mid(strUNCPathName,(Instr(strUNCPathName,arrUNC(4)) -1))
End If
Set objWMI = GetObject("winmgmts:\" & arrUNC(2) & "rootCIMV2")
Set objFileShare = objWMI.Get("Win32_Share.Name=""" & arrUNC(3) & """")
If Right(arrUNC(3),1) = "$" And Len(arrUNC(3)) = 2 Then
	strPath = objFileShare.Path & Mid(strRightPartOfPath,2)
Else
	strPath = objFileShare.Path & strRightPartOfPath
End If
Set objFolderSecuritySettings = objWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
objFolderSecuritySettings.GetSecurityDescriptor objSD
For Each objAce in objSD.DACL
	Select Case objAce.AccessMask
		Case 1179817
			strRights = "read-only"
		Case 2032127
			strRights = "full-control"
		Case 1245631
			strRights = "change"
	End Select
	Wscript.Echo strUNCPathName & " ; " & strPath & " ; " & objAce.Trustee.Domain & " ; " & objAce.Trustee.Name & " ; " & strRights
Next
Set objSD = Nothing
Set objFolderSecuritySettings = Nothing
Set objFileShare = Nothing
Set objWMI = Nothing

When you have problems/questions please post a reply or give a ‘star’ rating.

Happy scripting.

Best regards,

Dirk Adamsky – Deludi BV

[adrotate group="3"]


Related Posts:
  • Active Directory and WMI: VBscript to enumerate the ntfs rights of a given UNC path and a given level of subfolders
  • Active Directory and WMI: VBscript to enumerate the system uptime of all servers in Active Directory V2
  • Active Directory and WMI: VBscript to enumerate the system uptime of all servers in Active Directory

    • Leave a Reply





    Popular articles

    Tags

    active directory adsi alive attribute command prompt computer cscript disable disabled distribution group email enumerate excel exchange files filesystem object filter folder groups homedirectory hp microserver lastlogon lastlogontimestamp list mail mailbox memberOf members memberships n36l nested group number ou ping recursion server smtp address status subfolders user vb vbs vbscript vmware esxi wmi

    Categories

    Recent Comments