twdeveloper
Programmer
Hello,
I have been tasked to Create a Script to check DP's. Here is the take list:
1.) Determine Domain, DOM1 or DOM2. (That was easy enough)
2.) If DOM1 then Check for existence of share TEST1$ and folder D:\TEST1 (again got this working)
3.) If Share and folder doesn't exist exit with 1 as result. (Okay so far)
Okay so here is where I run into my problem.
5.) If exists, make sure ACL on TEST1& and D:\TEST1 contains the following ACE entries
Authenticated Users - Full Control
FakeUserName& - Full Control
Administators - Full Control
Users - Read, List, Read & Execute
6.) If ACEs don't match exit with 1 as a result
7.) If ACEs match exit with a 0 as a result.
8>) ELSE DOM2 and repeat
So as you see I am not quite sure the best way to do Step 5.) I have gather the SID for Authenticated Users but can't seem to get them for the others. Also didn't know if a program like ICacls or SubinAcl would be in my best interest.
Any help would be much appreciated.
Thank You,
TW
I have been tasked to Create a Script to check DP's. Here is the take list:
1.) Determine Domain, DOM1 or DOM2. (That was easy enough)
2.) If DOM1 then Check for existence of share TEST1$ and folder D:\TEST1 (again got this working)
3.) If Share and folder doesn't exist exit with 1 as result. (Okay so far)
Okay so here is where I run into my problem.
5.) If exists, make sure ACL on TEST1& and D:\TEST1 contains the following ACE entries
Authenticated Users - Full Control
FakeUserName& - Full Control
Administators - Full Control
Users - Read, List, Read & Execute
6.) If ACEs don't match exit with 1 as a result
7.) If ACEs match exit with a 0 as a result.
8>) ELSE DOM2 and repeat
So as you see I am not quite sure the best way to do Step 5.) I have gather the SID for Authenticated Users but can't seem to get them for the others. Also didn't know if a program like ICacls or SubinAcl would be in my best interest.
Any help would be much appreciated.
Thank You,
TW