How to list folder permissions

List folder permissions on Windows: The easy way

by

Welcome back, fellow Sysadmins. Today I want to show you a quick way how to list folder permissions in a Windows environment.

I recently needed to list folder permissions and was searching for an easy way to list all permissions a certain user has. There is a tool called SubInAcl that gets the job done for us. I will quickly guide you through all of the steps.

Table of Contents

Step 1 – Download and install SubInAcl

Simply download & install the SubInAcl MSI file. Make sure to remember the location where you install it, by default, it is C:\Program Files (x86)\Windows Resource Kits\Tools

Step 2 – Opening a cmd with admin privileges

Now we need to open an elevated command line window. Simply hit the Windows key and type cmd. Right-click it and select run as administrator.

list folder permissions
Running cmd

Next, we need to change into the SubInACL directory by typing:

cd "C:\Program Files (x86)\Windows Resource Kits\Tools"Code language: JavaScript (javascript)
list folder permissions
Navigating to the SubInAcl folder

Now we are able to run the script.

Step 3 – Running SubInACL to list folder permissions

The command you want to run now is:

subinacl /testmode /noverbose /outputlog=c:\permissions.txt /subdirectories=directoriesonly X:\*.* /findsid=DOMAIN\username

Where X:\*.* indicates the drive you want to search permissions on, and /findsid=DOMAIN\username represents your domain and the user you want to list permissions for.

You have to have the drive connected to your computer to perform the search. Alternatively, instead of X:\*.* you might be able to use \\IPorFQDNofYourShare\Foldername\*.*

Now, depending on how many permissions the user has, this can take a long time to complete. After the script is finished, you can find your permissions.txt in your C:\ drive root directory. The output will look something like this:

+File X:\Foldername\Subfolder1\Subfolder2
/control=0x0
/pace =NameOfYourDomain.com\username  Type=0x0 Flags=0x13 AccessMask=0x1201ff

To clean that up a bit, you could use Microsoft Excel or something like this and use a filter only to display lines starting with +File. I found this to be a good way if I have to look up user permissions quickly. It works well and is relatively fast.

This concludes this tutorial.

Author

Stefan

Stefan is the founder & creative head behind Ceos3c. Stefan is a self-taught Software Engineer & Cyber Security professional and he helps other people to learn complicated topics.

1 thought on “List folder permissions on Windows: The easy way”

  1. Hello Stefan, thanks a bunch for this, could you help me how we can modify the script just show up the main folders, my file shared system has this structure:
    D:\
    D:\NAS
    D:\NAS\Folder1
    D:\NAS\Folder2

    D:\Users
    D:\Users\John
    D:\Users\Sarah

    So, I would like the user permission only for this folders (D:\NAS\Folder1…, D:\Users\John…)
    and avoid the subfolders (D:\NAS\Folder1\Subfolder1, D:\NAS\Folder1\Subfolder2,… etc)
    Just the folders in root path

    How we can modify the script to make it this?

    thanks again 🙂

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap