accesschk.exe – Folder Compliance check

One of my IT Security role is to screen Network Access

Into a Windows Network environment, it is needed to screen the permission on Network Shares and to

  1. Create monthly or quarterly reports
  2. Compare the changes
  3. Communicate the report to the ‘Data Owner’

1. AccessChk.exe

A great tool ‘AccessChk.exe’ allow to do that.

AccessChk.exe provides you with access to the files, registry keys or Windows services for the user or group that you specify. AccessChk.exe now supports a new option -a to query user rights assignment data directly from the LSA store.

First download AccessChk.exe from SysInternals Microsoft

On a command prompt type AccessChk.exe /?

Scan a Network Share (only top level), no banner, with all possible rights.

AccessChk.exe -q -d \\server\share

Add a timestamp to your search

for %%a in (%date%) do set datestamp=%%a
set datestamp=%datestamp:/=%
accesschk -rws "group" "folder target" > %datestamp%.txt

Be the first to comment

Leave a Reply

Your email address will not be published.