# List the folders a user has access to



## ashks73 (Feb 1, 2011)

Is there a quick way to show ALL the folders a user has access to on a network drive?

I just need something that will show any folder on the server a specified user has access to.


----------



## bliss-II (Oct 18, 2012)

Sometimes users are assigned access to directories explicitly. To find these, use icacls. Run this from the root of the drive you want to check. Output.txt will have your list. Replace [USERNAME] with their username.

icacls * /findsid [USERNAME] /t /c /l > output.txt

However, share and directory permissions are _usually_ assigned with groups. Replace [GROUP NAME] with the name of the group (e.g., Domain Users).

icacls * /t /c /l | findstr /i "[GROUP NAME]" > output.txt

If you want to know what groups they belong to... (Replace [USERNAME] with their username.)

dsquery user -samid [USERNAME] | dsget user -memberof

Also, I'm not sure if you plan on removing a user's access or not, so I'll throw this out there. If you want to let a group to have access to a share, but not allow this one user, you can add them to the share permissions, and DENY the user access.


----------

