How to list folder permissions

List folder permissions on Windows: The easy way

by

Welcome back, fellow Sysadmins. Today I want to show you a quick way how to list folder permissions in a Windows environment.

I recently needed to list folder permissions and was searching for an easy way to list all permissions a certain user has. There is a tool called SubInAcl that gets the job done for us. I will quickly guide you through all of the steps.

Table of Contents

Step 1 – Download and install SubInAcl

Simply download & install the SubInAcl MSI file. Make sure to remember the location where you install it, by default, it is C:\Program Files (x86)\Windows Resource Kits\Tools

Step 2 – Opening a cmd with admin privileges

Now we need to open an elevated command line window. Simply hit the Windows key and type cmd. Right-click it and select run as administrator.

list folder permissions
Running cmd

Next, we need to change into the SubInACL directory by typing:

cd "C:\Program Files (x86)\Windows Resource Kits\Tools"
Code language: JavaScript (javascript)
list folder permissions
Navigating to the SubInAcl folder

Now we are able to run the script.

Step 3 – Running SubInACL to list folder permissions

The command you want to run now is:

subinacl /testmode /noverbose /outputlog=c:\permissions.txt /subdirectories=directoriesonly X:\*.* /findsid=DOMAIN\username

Where X:\*.* indicates the drive you want to search permissions on, and /findsid=DOMAIN\username represents your domain and the user you want to list permissions for.

You have to have the drive connected to your computer to perform the search. Alternatively, instead of X:\*.* you might be able to use \\IPorFQDNofYourShare\Foldername\*.*

Now, depending on how many permissions the user has, this can take a long time to complete. After the script is finished, you can find your permissions.txt in your C:\ drive root directory. The output will look something like this:

+File X:\Foldername\Subfolder1\Subfolder2
/control=0x0
/pace =NameOfYourDomain.com\username  Type=0x0 Flags=0x13 AccessMask=0x1201ff

To clean that up a bit, you could use Microsoft Excel or something like this and use a filter only to display lines starting with +File. I found this to be a good way if I have to look up user permissions quickly. It works well and is relatively fast.

This concludes this tutorial.

Author

Stefan

Stefan is the founder & creative head behind Ceos3c. Stefan is a self-taught Software Engineer & Cyber Security professional and he helps other people to learn complicated topics.

1 thought on “List folder permissions on Windows: The easy way”

  1. Hello Stefan, thanks a bunch for this, could you help me how we can modify the script just show up the main folders, my file shared system has this structure:
    D:\
    D:\NAS
    D:\NAS\Folder1
    D:\NAS\Folder2

    D:\Users
    D:\Users\John
    D:\Users\Sarah

    So, I would like the user permission only for this folders (D:\NAS\Folder1…, D:\Users\John…)
    and avoid the subfolders (D:\NAS\Folder1\Subfolder1, D:\NAS\Folder1\Subfolder2,… etc)
    Just the folders in root path

    How we can modify the script to make it this?

    thanks again 🙂

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap