Current NTFS ACES Without Inheritance

Details

Summary

How when using the srs.current_ntfs_aces view can I report on the ACES without inheritance?

Explaination

The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask. If this ace_flags value when ANDed with the a decimal value of 16 is equal to 16 than the ACE is inherited. If we therefore mask off that bit mask we can filter off the inherited values.

Code
 Select * From srs.current_ntfs_aces Where ace_flags & 16 <> 16
Author
rlagger
Post date
Wednesday, January 6, 2021 - 08:48
Last modified
Thursday, January 7, 2021 - 11:37
Properties
Supported Version
3.6
Report Category
Permissions
Includes a Report Layout
Yes
Databases
SQL Server, PostgreSQL
Tags
Active Directory
Rating
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0
Downloads
AttachmentSize
Current NTFS ACES Without Inheritance.zip3.38 KB
Sample Report
AttachmentSize
Current NTFS ACEs without Inheritance.pdf75.66 KB
Preview Images