@ECHO OFF IF "%OS%"=="Windows_NT" (SETLOCAL) ELSE (GOTO Syntax) IF [%1]==[] GOTO Syntax IF NOT EXIST "%~1" GOTO Syntax VER | FIND "Windows NT" >NUL IF NOT ERRORLEVEL 1 GOTO Syntax MYTOKEN.EXE >NUL 2>&1 IF ERRORLEVEL 1 GOTO Syntax :: Calculate the length of the specified resource name CALL :GetLength "%~1" SET /A Length=Length+1 ECHO. :: Remove trailing backslash SET Resource=%~1 IF "%Resource:~-1%"=="\" SET Resource=%Resource:~0,-1% :: Check if an UNC resource specified doesn't end in a share name ECHO.%Resource% | FINDSTR /B "\\" >NUL IF NOT ERRORLEVEL 1 FOR /F "tokens=1-3 delims=\" %%A IN ('ECHO.%Resource%') DO IF "%%C"=="" GOTO Syntax :: Specify first temporary log file and make sure it is empty SET TempFile="%Temp%.\_myToken.dat" IF EXIST %TempFile% DEL %TempFile% :: Use MYTOKEN to store current user's access token in temp file ECHO My Access Token: FOR /F "tokens=2 delims=:(" %%A IN ('MYTOKEN ^| FIND ":" ^| FIND /V "Owner : "') DO CALL :Parse "%%~A" ECHO. :: Specify second temporary log file and make sure it is empty SET TempFile="%Temp%.\_cAcls.dat" IF EXIST %TempFile% DEL %TempFile% :: Use CACLS to store resource permissions in temp file ECHO Resource Permissions: FOR /F "tokens=* delims=" %%A IN ('CACLS "%Resource%" ^| FIND ":"') DO CALL :Parse "%%~A" ECHO. :: Check stored access token against resource permissions and show result ECHO Resultant Access Permissions: FOR /F "tokens=*" %%A IN ('TYPE "%Temp%.\_myToken.dat"') DO FOR /F "tokens=*" %%a IN ('TYPE "%Temp%.\_cAcls.dat" ^| FIND "%%~A:"') DO ECHO. %%a ECHO. :: Clean up temporary files DEL "%Temp%.\_cAcls.dat" DEL "%Temp%.\_Length.bat" DEL "%Temp%.\_myToken.dat" DEL "%Temp%.\_Parse.bat" :: Done ENDLOCAL GOTO:EOF :: Calculate the length of the specified string. :: A temporary batch file is used to enable us :: to nest variables within variables. :GetLength SET Test=%~1 FOR /L %%? IN (1,1,125) DO CALL %COMSPEC% /C IF NOT "%%Test:~%%?,1%%"=="" (>> "%Temp%.\_Length.bat" ECHO SET Length=%%?) CALL "%Temp%.\_Length.bat" GOTO:EOF :: If line starts with resource name, remove resource name from :: line then display the result and store it in a temporary file. :: A temporary batch file is used to enable us to nest variables :: within variables. :Parse SET Line=%~1 IF NOT "%Line:~0,1%"==" " ( CALL %COMSPEC% /C ECHO > "%Temp%.\_Parse.bat" SET Line=%%Line:~%Length%%% CALL "%Temp%.\_Parse.bat" ) CALL :Strip >> %TempFile% ECHO.%Line% ECHO. %Line% GOTO:EOF :: Remove leading spaces :Strip IF NOT "%Line:~0,1%"==" " GOTO:EOF SET Line=%Line:~1% GOTO :Strip :Syntax ECHO. ECHO MyAccess.bat, Version 1.10 for Windows 2000 / XP ECHO Show current user's access permissions for the specified resource ECHO. ECHO Usage: MYACCESS resource ECHO. ECHO Where: "resource" can be a file or directory name, or a UNC network ECHO file resource name not ending with a share name ECHO. ECHO This utility uses MYTOKEN, the C++ source of which is part of the MS ECHO Platform SDK: http://www.microsoft.com/msdownload/platformsdk/sdkupdate/ ECHO A compiled version is available in the lab files for Microsoft's course 2154B, ECHO "Implementing and Administering Microsoft Windows 2000 Directory Services". VER | FIND "Windows NT" >NUL IF ERRORLEVEL 1 GOTO SkipNT4 ECHO The batch file also uses redirection of CACLS, which is not possible in NT 4. ECHO To use this batch file in NT 4, modify it to use XCACLS from the Resource Kit. :SkipNT4 ECHO. ECHO Written by Rob van der Woude ECHO http://www.robvanderwoude.com