DSACLS Script to Export Permissions Jamestechman <jamestechman[ at ]gmail.com> 5/11/2007 4:08:51 PM Anyone have a script or link to export permissions for objects using DSACLS? If there is another method that would be great as well. Looking for a method to script out the SELF permissions on all user accounts to find discrepancies. Thanks, James Chong (MVP)

Re: DSACLS Script to Export Permissions "Joe Richards [MVP]" <humorexpress[ at ]hotmail.com> 5/11/2007 9:17:55 PM Take a look at AdFind. You can dump the nTSecurityDescriptor attribute and have it decoded (look at -sddl++ and -resolvesids) and it allows you to specify a query and dump all objects returned by that query. Also I think the format is a little nicer than DSACLS for looking at multiple objects. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Jamestechman wrote: [Quoted Text] > Anyone have a script or link to export permissions for objects using > DSACLS? If there is another method that would be great as well. > Looking for a method to script out the SELF permissions on all user > accounts to find discrepancies. > > Thanks, > > > James Chong (MVP) >