ACL & SID History Tool
A while back we were trying to clean up our SID history from a migration we did when divesting from our original parent company. We required a tool that would not only enumerate ACLs of files/folders but would also give us the SID associated with that ACL member. A few tools were found from Sysinternals that would enumerate ACLs, but we couldn’t find one that would do exactly what we required. So I went off to make NtfsSidEnumerator, horrible name btw. With this tool I implemented a few different command-line options (ignore inherited, ignore specified account names, whether or not it is a recursive enumeration, etc.). The only issue I have with this tool so far is that I can only get it to go to about 256 characters on the path name. From some research I did, it appears this is a Windows/.NET limitation. Usually these folder paths are mounted in a way that clients don’t actually hit the 256 length limit.
Find the tool here
NtfsSidEnueration.zip (12.1 KiB, 8 hits)
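
For readers who want to see the kind of enumeration described above, here is an added PowerShell sketch (not the code of NtfsSidEnumerator and not from the original post). The function name `Get-NtfsAceSid`, its parameters, and the `-DomainSid` filter are hypothetical; the share path and SID in the usage comment are constructed placeholders.

```powershell
# Added example: names and parameters are hypothetical, not NtfsSidEnumerator's own options.
function Get-NtfsAceSid {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [switch]   $Recurse,              # also walk child files and folders
        [switch]   $IgnoreInherited,      # report explicit ACEs only
        [string[]] $IgnoreAccount = @(),  # account names to skip, e.g. 'BUILTIN\Administrators'
        [string]   $DomainSid             # optional: keep only SIDs issued by this domain
    )

    $sidType = [System.Security.Principal.SecurityIdentifier]
    $items = @(Get-Item -LiteralPath $Path -Force)
    if ($Recurse) {
        $items += Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue
    }

    foreach ($item in $items) {
        try { $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop }
        catch { Write-Warning "Cannot read ACL: $($item.FullName)"; continue }

        # Request SIDs as the identity type so the raw SID stored on each ACE
        # is reported, not only the account name it currently resolves to.
        foreach ($ace in $acl.GetAccessRules($true, (-not $IgnoreInherited), $sidType)) {
            $sid = $ace.IdentityReference
            if ($DomainSid -and "$($sid.AccountDomainSid)" -ne $DomainSid) { continue }

            try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
            catch { $name = $null }   # SID no longer maps to any account
            if ($name -and $IgnoreAccount -contains $name) { continue }

            [pscustomobject]@{
                Path      = $item.FullName
                Sid       = $sid.Value
                Account   = $name
                Rights    = $ace.FileSystemRights
                Type      = $ace.AccessControlType
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Constructed usage: the path and the domain SID are placeholders.
# Get-NtfsAceSid -Path 'D:\Shares\Finance' -Recurse -IgnoreInherited `
#     -DomainSid 'S-1-5-21-1111111111-2222222222-3333333333' |
#     Export-Csv aces.csv -NoTypeInformation
```

Rows whose `Account` is empty are ACEs whose SID no longer resolves, and rows filtered by the old domain's SID are the entries to re-permission before SID history is removed.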