My friend Danny is a systems administrator and all-around IT guy at a manufacturing company in Indianapolis. He recently came up with a pretty useful little script, and wanted me to pass it on to the world.

Recently I needed to find out which folders a certain person was able to access on our Windows network. Apparently, this was extremely easy in Novell. Since it isn’t 1995 anymore, I tried to find a way to do this on the Internet. I couldn’t, so I set about making my own.

Microsoft has a utility called xcacls.vbs (if you’re using Vista, you’ll have to make sure WMI is installed, and modify the script. If you can’t do that comfortably, you probably don’t want to be messing with the rest of this anyway). It will allow you to change and view ACL’s from a command line. Since I’m not that interested in modifying the ACL’s in a script, the usage is fairly simple “xcacls c:\windows” will result in a listing of who has entries in the ACL and what the entry is (n.b. you’ll also have to have the default script host be cscript. Wscript won’t work).

In order for this to be useful, we really need to be able to have it run automatically on several, if not all, folders on a computer. The first step would be to get a list of the folders we want to run this on. I chose to limit it to one folder and all its subfolders only (c:\ will do everything, while c:\windows will only do the folders in c:\windows. If you want to do c:\windows and c:\program files only, you’ll have to run it twice).

What I was looking for was basically a text file that just had all the folders. This command will create exactly that:

dir "c:\program files" /s /b /o:gn /a:d > c:\batch\xcacls\dirlist.txt

Now that we’ve got a list of all the folders we need to search, we need to actually loop through it.

For /F "tokens=*" %%i in (dirlist.txt) do c:\batch\xcacls\aclSearch.bat administrator %%i

C:\batch\xcacls\aclSearch.bat is another batch file which takes two parameters (I’ll show you it in a minute). I call the other batch file so I don’t have to worry about how DOS handles variables (it doesn’t like to evaluate them during runtime, and will wait until the loop is done and use the final value for each iteration. It’s weird, I know).

A caveat about the for loop: when using for in an interactive CLI you use a single % sign in front of the i, when using it in a batch file, it’s a double %. Don’t ask me why.

aclSearch.bat contains the following

call c:\batch\xcacls\xcacls.vbs "%2" > c:\batch\xcacls\xcaclsResults.txt
 
find /i %1 c:\batch\xcacls\xcaclsResults.txt
 
if %errorlevel%==0 goto Found
 
goto End
 
:Found
 
echo %2 >>c:\batch\xcacls\%1results.txt
 
:End

This calls xcacls.vbs (from Microsoft) passing it the folder name. The quotes are there to handle filenames with spaces. It then sends the results into a temporary file called xcaclsResults.txt

Next we do a find using the search string (the first item passed – administrator in this example) on that file. If Find finds a match, the errorlevel is 0; if not, it is 1. If the errorlevel is 0, then the folder name is put into a results file named whatever the search string is, with results.txt appended (in this example it’d be administratorresults.txt).

So, how do you actually use all this? FindPermission.bat contains:

dir %1 /s /b /o:gn /a:d>"c:\batch\xcacls\dirlist.txt"
 
for /F "tokens=*" %%i in (dirlist.txt) do c:\batch\xcacls\aclSearch.bat %2 %%i

To search the c:\program files directory for anything the administrators group has access to you’d type:

Findpermission.bat "c:\program files" administrators

The results will be in the same folder you ran findpermissons from and be called administratorsResults.txt. To search the C drive for anything Danny Parrott has access to, you’d need:

Findpermission.bat c:\ "Danny Parrott"

The results from this one will be in Danny Parrottresults.txt.

This does require that Findpermission.bat, aclSearch.bat, and xcacls.vbs be either in the same folder, or in a folder that’s in the path variable. It will work for either users or groups. This process is also not instantaneous. The xcacl.vbs script can take upwards of half a second to run, so on larger systems, this is something you’d want to start and come back to later. On the plus side, though, it hardly uses any system resources while running (5MB RAM and 2-4% CPU time on a four-year-old server at work) so you can run it during the day.

My freshman year of college, I knew a kid with a Logitech MX700 cordless mouse. The first time I used it, I knew I had to have one. It was only a few months before I bought the Cordless Elite set, with the Elite keyboard and the MX700 mouse.

I have since discovered that this is the number one best mouse in existence. I’m not a gamer, so I don’t need high sensitivity and hair-trigger response. What I do need on a daily basis are the extra mappable keys that the MX700 (and its siblings) provide.

Logitech canned the MX700 several years ago in favor of the (in my opinion, at least) inferior MX1000. They still, however, produce a corded version - the MX518 gaming mouse. This is what I have in my office at work.

I typically map the second button below the scroll wheel to Ctrl+W, so that I can quickly close tabs and child windows in almost any application. There are, however, two applications I frequently use that do not follow the Ctrl+W convention - Outlook 2003 and SQL Server Management Studio. In Outlook, you need to use Esc to close child windows (messages, appointments, etc.). In SQL Studio, Ctrl+F4 is the only shortcut that will close open tabs in the interface.

Today, on a whim, I Googled to see if there was a way to map each of the mouse’s buttons differently for specific applications. Lo and behold, there is! It turns out that the SetPoint software required for Logitech’s newer mice uses XML for the configuration settings, so someone figured out how to enable lots of additional settings via the aptly-named uberOptions.

This application was ridiculously easy to install and use. I didn’t have to restart, or even manually shutdown SetPoint before installing. Once it was installed, I was able to quickly specify mapped keystrokes for Outlook and SQL Server, and was off and running. Changes take effect immediately - you don’t need to restart an application for its specific mappings to work.

If you have an older MX700-like mouse (the MX500, 700, 510, and 310), you can use an application called LogiGamer, although it looks to be a bit clunkier (and requires the .NET 1.1 framework; it’s old enough that it may not be compatible with newer .NET versions).

If you have a Logitech keyboard, uberOptions will allow you to customize all the keyboard’s extra keys on a per-application basis. I’m just glad that I can finally use the same shortcut button for the same purpose in all my applications!

At work, we use Microsoft SQL Server 2005. The client software requires Windows authentication to connect to a database. However, the credentials are pulled from your logged in Windows account. If you’re not on Purdue’s domain, you can’t connect. While putting my workstation on the domain wasn’t an issue, I prefer using my local user account on my laptop.

Vista supports fast user switching on a domain (XP does not, unfortunately), so I could switch between local and domain to use the SQL client, but running two profiles simultaneously is a bit of a resource hog.

Windows XP has a handy “Run As…” feature. If you right-click on an executable or shortcut, you can click “Run As…” and enter different credentials to load an application. This is especially handy if an admin needs to run something like the Management Console without logging out the user first.

Vista, for some inexplicable reason, has removed this feature. Fortunately, SysInternals came up with a handy little application that brings back the “Run As…” menu. It registers in Explorer’s context menu, and it can be used at the command line to load an application - which means you can create shortcuts specifically to run something as a different user.

It’s small, easy to install, and works great. You can get it here.

I have friends all over the world. Once in awhile, I make use of the various webcams I own and do a little video chatting. Getting video chat to work well will be for another day - something I learned recently, however, was how to setup a live stream on a webpage. It was surprisingly easy, and works in both Windows Vista and Windows XP.

You need three things : a webcam, a decent high-speed internet connection (the lowest end DSL might not have enough bandwidth to support this well), and Windows Media Encoder, which is available for free from Microsoft. If you’re running Vista, there’s a hotfix you might need (it’s linked on the main WME page), but I have yet to have any problems myself.

You might also want to get a dynamic IP service, like dyndns or no-ip. I used no-ip.org, although they seem to be really big on sending me frequent emails advertising their paid services - I’m not a big fan of free services spamming me about their commerical options. If you don’t use a dynamic IP service with the computer running the webcam, you’ll have to manually update the webpage every time your IP changes.

We’ll walk through how to get setup and going. It’s a bit screenshot heavy, so click the jump to see the rest.

Read the rest of this entry »

I just finished up a review of the Asus eeePC 4g (701) for Julie over at The Gadgeteer (check it out here). Before i finally got around to writing that review, I hadn’t done a whole lot with my eeePC. Since last night, however, I’ve installed Windows and started looking for ways to make my eeePC as functional as possible.

Read the rest of this entry »

Every once in awhile, I like to peruse Sourceforge for new, interesting open-source applications. I was looking for a good screenshot application several months ago, when I was working on writing help documentation on a project at my job. I’ve since found out that the help documentation software, Adobe RoboHelp, includes a very nice screenshot manager called RoboScreenShot. This application, however, is not free, and I’m always interested in finding good open-source or freeware alternatives to commercial software. I have been in need of a small, open-source application that allows me to quickly take and save screenshots of applications, particularly since I’ve started writing these articles.

Enter Greenshot. This is a very small, quick application that allows you to take three different types of screenshots: your entire desktop, a selected window, or a selected region. Taking a cue from the application’s name, selections are highlighted with a translucent green region to show what you’re screenshot will contain. The application is small and fast, and allows you to either copy your screenshots to the clipboard for pasting into another program (for instance, PowerPoint or Word), or save it to your computer in JPEG, BMP, GIF, or PNG format. There are also limited annotation features, but I’ve found that this application is most useful when needing to send a picture of part of your screen to someone quickly and easily.

Read the rest of this entry »