- notageek.it di Mirko Iodice - http://www.notageek.it -

NTFS Stuff v1 – Eng

cliccate qui [1] per la versione italiana di questa pagina

VBS WSH Script

Authors: Mirko Iodice, Luca Alberti

Tested on: Windows 2000 Server, Windows 2003 Server, Windows 2008 Server, Windows XP Professional, Windows Vista, Windows 7, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Mozilla Firefox 3.X

Download [2]

What is NTFS Stuff?

It is hard for a Microsoft System Administrator to keep trace of all changes made to the "logical" structure of a fileserver, so many times we felt the need for a quick and easy tool that could help us to locate those "significant" folders that, in some way, affect the normal application of NTFS permissions based on the "inheritance" principle.
NTFS Stuff is an useful WSH script, written to be used on a fileserver, that generates an HTML report which displays the NTFS access permissions structure. Two different "verbosity" levels make possible to display only the details of "significant" folders or those of the entire folders tree. In addition to the DACL of each single folder the resultant report shows other information, such as: creation date, last modified date, owner, NTFS inheritance.
We have paid particular attention to the graphical representation of information, colours and symbols make easier to note changes in the normal application of NTFS permissions, precisely based, as we said before, on the “inheritance” principle.

The following screenshot highlights the main features of this script



NTFS Stuff, only if started on Windows 2000, prompts the user for a task priority level (1 by default). This setting is used to limit the cpu usage during the execution. It is recommended to not set the 0 level when using this script on production servers or old computers, this is because the WSH Engine normally uses the most of the machine resources and this setting could cause a system freeze. Windows XP/2003 or higher are not affected by this problem, on these systems the script is able to automatically change his task priority level to "low", in this way the resource allocation is left to the operating system.

We noticed that is impossibile to correctly view the output file on Windows Server 2003 systems with the "Internet Explorer Enhanced Security" feature turned on. To fix this problem is necessary to add about:internet in the IE Trusted Sites Zone.

DACL Legend

NTFS Stuff uses functions took from XCACLS.VBS (Windows Support Tools) to display the NTFS permissions in a more readable format.
To understand special permissions refer to the following legenda.

F = Full control
M = Modify
X = read & eXecute
R = Read
W = Write

E = Synchronize
D = Take Ownership
C = Change Permissions
B = Read Permissions
A = Delete
9 = Write Attributes
8 = Read Attributes
7 = Delete Subfolders and Files
6 = Traverse Folder / Execute File
5 = Write Extended Attributes
4 = Read Extended Attributes
3 = Create Folders / Append Data
2 = Create Files / Write Data
1 = List Folder / Read Data

The command line interface

The command line interface makes possibile to run NTFS Stuff remotely via "psexec" or locally as a scheduled task.

To get to the help screen open a command prompt and run "ntfsStuff.vbs" using the "cscript.exe" scripting engine and providing an input argument of your choice (for example the "?" character), for example:

cscript ntfsStuff.vbs ?

On Windows 2000 an additional argument named [PriorityLevel] is required


cscript ntfsStuff.vbs "c:\Data" 0 0

cscript ntfsStuff.vbs "c:\Data" 0 0 /v

The command line also allows you to schedule the script execution via Windows scheduled tasks and to run it against remote servers using the psexec [3] utility.


Example of remote execution via psexec:

psexec \\remote_server cscript C:\ntfsStuff.vbs "C:\Data" 0 0 /v

NTFS Stuff and UAC (User Account Control)

NTFS Stuff is able to automatically request an elevation of privileges when running on operating systems that support and make use of the User Account Control feature (Windows Vista, Windows 7, Windows 2008 Server).

Note: For obvious reasons, the elevation can be obtained automatically only when the script is running in graphical mode, to obtain administrator privileges when running via scheduled tasks or interactive via the command line you must use services or processes (for example: the command prompt) previously "runned as" Administrator.
For remote execution using "psexec" you must authenticate using the "built-in" administrative user (usually "Administrator") or disable the UAC access token filtering [4] security feature.

Known Issues

Folders created by macintosh systems, especially those named with the use of special characters, can cause an unexpected error.

On Windows 2008 Server the script can cause an high CPU utilization by the processes lsass.exe and wmiprvse.exe.


ntfsStuff_v1.zip [5] | version 1.3 | last update on August 24, 2010 | Check the included "readme_eng.txt" file




Mirko Iodice
mirko -at- notageek (.dot) it

Suggeriti dall'autore