Find files where the owner is an unresolved or orphaned SID. Just change the scan_target line to make the query work for your environment.
How when using the srs.current_ntfs_aces view can I report on the ACES without inheritance?
The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask. If this ace_flags value when ANDed with the a decimal value of 16 is equal to 16 than the ACE is inherited. If we therefore mask off that bit mask we can filter off the inherited values.
Neeed to find the five largest files per scan target and their owners for both eDirectory and Active Directory.
The largest file count can be changed by changing the value in row 17.
Over the past few years computer systems everywhere have been dealing with ransomeware viruses. Crypo, Wanna Cry, and others have hit networks all over the world. How can I find these infected files, so I can restore them from back up?
This is file extension report that displays the fullpath, filename, size, owner, scan_target, and file_extension from the srs.current_fs_scandata_ad database view, and is limited to current scan data in Active Directory.
This report combines file extensions in to categories. The report uses the srs.current_fs_scandata database view which limits the scope to current scans only. The scope is further limited by the sd.fullpath LIKE portion of the sql where clause. If you remove it, the report will run across all current scan_data.
Note: The layout for this report has been updated to handle the chart scripting differently. As it was giving an error for some people.