A user (member of DEPT_GROUP) is complaining he doesn't have access to files he should have access to. the problem is we're talking about a directory tree with multiple ACLs. So I got the idea, googled really hard but could not find anything. This is the idea:
Icacls c:\DEPT_FOLDER /T
and then filter out just the results (i.e. entries which don't contain the DEPT_GROUP) to find out which files specifically cannot be accessed. So if I got it right, need to filter by the the ACL property no?
Is it possible or should I try another way?
(P.s. I would like to avoid directly applying rights for the DEPT_GROUP, it's a complex environemnt)