Directory Access Program

Discussion in 'Scripting & Programming' started by Fergal1982, Feb 6, 2007.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    So... I've been working away on a few mini-programs to help with my days at work, and came up with a Directory Access application.

    Basically, you enter a filepath (UNC or relative), and it iterates through each folder, listing the groups that have ACE permissions, and stating the permission applied.

    Currently, (its in early stages, quite rough) it also has a feature where if you rightclick on a particular folder, and select the appropriate option, it will list each of the subfolders of that particular folder, and their permissions.

    As i said, im developing it for my own use, but would anyone here find use for such an application? If so, i can make it available for you to use. The obvious benefit to me is greater testing.

    Theres a few niggles ive discovered so far though, one which i dont think i can resolve: It refuses to work with DFS filepaths.

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Yeah, that sounds like a useful app. 8)

    Does it have to be installed on the server or can you execute it from a client PC with suitable permissions to view the security on a folder?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  3. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    on the client machine only. although you cant use it on areas you dont have permissions on, since it runs off your own credentials.

    It will also allow you to copy a given folders filepath to clipboard for any uses you have external to the program

    EDIT: actually, i think you could likely run this on the server itself provided .Net framework 2 was running on it. although i havent tried.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  4. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Cool, I would run the application as domain admin from my laptop so that should be ok for permissions.

    How is the data displayed? Is it one big text file? :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  5. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    nope, output is via a expandable tree view.
    For each folder, it lists the name of the folder (and the filepath in brackets), under that node, it then lists each of the groups (although currently ive set it to ignore certain accounts like builtin\administrator, an IS group at work, and the s-1.. accounts (groups/users who no longer exist), but i could likely code a system where you can dynamically set this.

    Under each group, it then lists the permissions on the folder (ie, read and execute, modify).

    This process is the same for checking the subfolders.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  6. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Cool, so how much for the software then? :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  7. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    £50.

    lol. id provide it for free. for several reasons. firstly im still developing it (so its a beta). Secondly, im not a professional programmer, and my professional experience extends to a 6 week secondment, with some part time, selfmotivated programs in vbscript and (now) vb.net. Thirdly, ive done some of this development at work in my spare moment, and borne from a need in my job, so theres the possibility that technically, the rights belong to them. im not too sure how that works.

    But for testing.....
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  8. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Hey Fergal, that sounds pretty useful. If you can let me have a trial copy for a couple of weeks I might be able to persuade our company to buy ten or so licences it you want to sell it.
     
    Certifications: A+, Network+
    WIP: 70-270
  9. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    View attachment 561

    Ok Ladies and Gentlemen. As promised the app is attached. Its quite straightforward, this is as is (although ill expand on the concept over time). right-clicking on a node will give you any options you can do.

    You will need .Net Framework 2 installed in order to run this app, but other than that all you (should) need to do it extract it and run it.

    Im going to do a standard disclaimer here: Whilst this application is designed to query only and not make changes to the areas queried, any damage done to the permissions on a checked area is not my responsibility, nor certforums. Additionally, whilst ive virus checked the file, again, any virus infections are not my responsibility and certainly not certforums. It is suggested that you scan for viruses yourself to be sure, and test this initially in a test area. use of this software implies acceptable of these conditions.

    That said, ive been running it on my own live environment without any issue (apart from the previously mentioned DFS issue).

    It may not look overly pretty, but bear with me, im pretty new to programming in general, and .net specifically, so im going for functionality initially.

    Let me know how it works (or doesnt) for you guys. And if you have any feature suggestions feel free to let me know.

    Thanks
    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  10. r.h.lee

    r.h.lee Gigabyte Poster

    1,011
    52
    105
    Fergal1982,

    Disclaimer: I am not a lawyer so seek competent legal advice. That said, do you have some sort of "[Accept]" or "[Reject]" routine as part of the software installation process for the exact text or more similar to your own disclaimer text? Without some sort of integrated legalese with the software, since the software is being distributed by CF through your post, you, CF, and any employee who uses the software without prior permission by management, may be subject to some sort of "unauthorized security testing" (i.e. an internal hacker) to "unauthorized network/system use" policy enforcement and possible criminal or civil lawsuit. In other words, be careful about providing the tool.
     
    Certifications: MCSE, MCP+I, MCP, CCNA, A+
    WIP: CCDA
  11. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Nice one Fergal, I'll let you know how my testing goes.
     
    Certifications: A+, Network+
    WIP: 70-270
  12. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    any chance on providing the source code as well mate? be great for members to learn a bit more programming from your brilliant example, as well as allowing some of our more literate members to add functionality back into the product! a true community effort :)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  13. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Not at present, no. Its just the functional app for now, im essentially just providing it as i would a vbscript code. The minidisclaimer with the attachment is mainly so that people understand that CF itself isnt directly involved with the app.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  14. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    UPDATE: I've made a couple of modifications to the app, namely:

    1. Group Permissions will now group together (so there will only be one instance of a group under a particular folder).

    2. The Nodes now have appropriate icons, to permit easier identification of exactly what you are looking at.

    3. I've added one or two new options to the context menu on the nodes.

    On the subject of releasing the project source, im still debating whether i want to do this, for various reasons, but im happy to talk through a particular aspect of the app if someone wants to know how i achieved a particular end.

    For simplicity for now, ive updated the zip file on my previous post so its all in one place. Im going to look into setting up a webspace where i can publish the app, so that you can all be automatically given updates when i make them.

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  15. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Nice one Fergal. I haven't been able to test it at work because we don't have .Net Framework 2 installed. I'm thinking about asking my boss if we can install it but as he is the real-life equivalent of the PHB, explaining the reasons for it and what it is is going to be excruciating.
     
    Certifications: A+, Network+
    WIP: 70-270
  16. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    You should only need it installed on your own personal machine. If you are a local admin, surely you could just *cough* go ahead and install it.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  17. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Maybe I will.:twisted:
     
    Certifications: A+, Network+
    WIP: 70-270
  18. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    How are you guys finding this so far? you had a chance to test it out?
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  19. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Am i being blind? I cant seem to edit my posts any more in this thread??? Strange.

    Anyway, Ive got a new version of this for any of you using the app:

    View attachment Directory Permission Finder.zip

    Changes to this version include:
    • An option page where you can specify your own group exclusions
    • The main and subfolder panels now automatically adjust, getting rid of the grey panel when not viewing subfolder details
    • Deny permissions will now list "(Deny)" at the end of the permission. Im not entirely sure how to handle this so if you have any suggestions, please let me know.
    • Trying to copy the filepath on a folder you are denied access to should no longer crash out the program
    I've noticed a weird thing on my setup too. When i try to check the c:\ or d:\ permissions (local drive permissions), it seems to go a little mental and list a different folder. Im not entirely sure why this is but it just seems to be on the root level folder. Ill keep working on this and see what comes out.

    On another note, does anyone know where i can get some good webspace for free? preferably ad-free. I dont need heaps (at least not at the moment).

    Thanks
    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  20. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Has anyone been using this? If so, how have you been finding it? I'm thinking of releasing this onto the web, getting a website together for downloads. I've got one issue that i need to address, see if i can get it resolved, but i havent really done anything with it of late.

    I also need a name for the app, so if anyone has any suggestions.....

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.