Description: |
Uses File::Find and Win32::FileSecurity to dump file permissions to a text file on shares that you specify.
Usage code.pl {share} {outputlog}
Output:server(tab)share(tab)account(tab)permission1(tab)permission2(tab)...(enter)
If the account does not have a permission, the script double tabs, for easy visual inspection.
By importing the resultant tab-delimited log into a spreadsheet program, you can sort by account(colC), then share(colB), then server(colA), to very simply compare directory rights across your file and prints.
Thanks to Tyke. |
use strict;
use Win32::FileSecurity qw(Get EnumerateRights);
use File::Find;
my $share=$ARGV[0];
my $out=$ARGV[1];
my ($name,$mask,@rights,%hash,$server,%rights2,@folders,$subfolder,$se
+rvsplit,$subsplit,$right,$item);
my @servers=('SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','S
+ERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERV
+ERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERXX','SERVERX
+X');
@servers=map ("//$_/$share",@servers);
my @rightsmatch=('DELETE','READ_CONTROL','WRITE_DAC','WRITE_OWNER','SY
+NCHRONIZE','STANDARD_RIGHTS_REQUIRED','STANDARD_RIGHTS_READ','STANDAR
+D_RIGHTS_WRITE','STANDARD_RIGHTS_EXECUTE','STANDARD_RIGHTS_ALL','SPEC
+IFIC_RIGHTS_ALL','ACCESS_SYSTEM_SECURITY','MAXIMUM_ALLOWED','GENERIC_
+READ','GENERIC_WRITE','GENERIC_EXECUTE','GENERIC_ALL','FULL','READ','
+CHANGE');
open (OUT, ">$out") or die "can't open log file!";
foreach $server( @servers ) {
print "$server\n";
@folders='';
find(\&wanted, $server);
foreach $subfolder (@folders){
print "\t:$subfolder\n";
next unless -e $subfolder ;
if ( Get( $subfolder, \%hash ) ) {
while( ($name, $mask) = each %hash ) {
($servsplit,$servsplit,$servsplit,$subsplit)=split(/\//,$subfo
+lder,4);
print OUT "$servsplit\t$subsplit\t$name\t";
EnumerateRights( $mask, \@rights ) ;#creates @rights, a list o
+f rights for the account
%rights2=();
foreach $right (@rights){
$rights2{$right} = 1;
}
foreach $item (@rightsmatch){
if (exists $rights2{$item}){
print OUT "$item\t";
}else{
print OUT "\'\t";
}
}
print OUT "\n";
}
}
else {
print( "Error #", int( $! ), ": $!" ) ;
}
}
}
close OUT;
sub wanted {
if (-d){
push @folders, "$File::Find::dir/$_";
}
}
|