Admin Toolbox… AccessChk 2.0

The next tool I am pulling out of the toolbox is a command line tool called AccessChk by Sysinternals.   This free tool runs at the command line and produces a report on the permissions assigned to resources.   This program can query files, directories, Registry keys and Windows services.  

To run the program just download the program from this page (link is near the bottom).   Extract the .exe from the .zip file and put it in your path.  Going to a command prompt and typing “accesschk” will show you the syntax on  how to use the program. 

usage: accesschk [-s][-i|-e][-r][-w][-n][-v][[-k][-c]|[-d]] [username] <file, directory, registry key, service>
   -c     Name is a Windows Service e.g. ssdpsrv (specify ‘*’ as the
          name to show all services)
   -d     Only process directories
   -e     Only show explicitly set Integrity Levels (Windows Vista only)
   -i     Show object Integrity Level (Windows Vista only)
   -k     Name is a Registry key e.g. hklm\software
   -n     Show only objects that have no access
   -q     Omit banner
   -r     Show only objects that have read access
   -s     Recurse
   -v     Verbose (includes Windows Vista Integrity Level)
   -w     Show only objects that have write access

If you specify a user or group name and AccessChk will report the effective permissions for that account; otherwise it will dump the security descriptor. By default the path name is interpreted as a file system path. For each object AccessChk prints R if the account has read access, W for write access and nothing if it has neither. The -v switch has AccessChk dump the specific accesses granted to an account.

This program cam be used to check the filesystem permissions of a group or user with the following command:

accesschk -s ”user or group name“  drive:/location

To see who has access to a path on the filesystem you would execute the following:

accesschk -s drive:/location

To check the access on who has access to the a registry key:

accesschk -k registry_key

To list who has rights to services (use * as service name to list all services):

accesschk -c servicename

This tool is extremely handy when you are doing an audit on your machine.   I often find myself dumping the output to a txt file and reviewing it in a format that is easier to handle to do that append “> filename.txt” to the end of the command and open the file in notepad or Excel.

For more information visit the Sysinternals website or leave me a comment and I can try my best to answer your question.

Download this program from the Accesschk 2.0 page.

Technorati Tags: Windows Administration Tools, AccessChk, Sysinternals, Windows Permissions, NTFS Permissions, Windows Registry