Current NTFS ACES Without Inheritance

Details

Summary

How when using the srs.current_ntfs_aces view can I report on the ACES without inheritance?

Explaination

The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask. If this ace_flags value when ANDed with the a decimal value of 16 is equal to 16 than the ACE is inherited. If we therefore mask off that bit mask we can filter off the inherited values.

Code
 Select * From srs.current_ntfs_aces Where ace_flags & 16 <> 16
 
Author
richlagger
Post date
Friday, March 6, 2015 - 15:40
Last modified
Monday, July 2, 2018 - 13:27
Properties
Minimum Version
2.6.0
Report Category
Permissions
Includes a Report Layout
Yes
Databases
SQL Server, PostgreSQL
Tags
Active Directory
Rating
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0
Downloads
AttachmentSize
Current NTFS ACES Without Inheritance.zip2.98 KB
Sample Report
AttachmentSize
Current NTFS ACES Without Inheritance.pdf283.79 KB
Preview Images