The script then executes the :checkowner section of the script for each file that the Dir command returns. The :checkowner section first runs Subinacl against the filename and stores the owner information in the owner variable. The script then determines whether the specified user owns the file by echoing the owner string retrieved from the Subinacl command, then piping the owner string to the Find command to check for a match between the specified user's SID and the SID of the file's owner. When ERRORLEVEL equals 0, a match has been made and the script sets the found variable to 1, as the code at callout D shows. Because the script clears the found variable before setting it, you can determine whether the found flag has been set by checking whether the script has defined the found variable. If the variable has been defined, a match was found and the script outputs the filename to the output file, as the code at callout E shows.
If you look at the script, you'll notice that it also checks the owner variable against the USERID parameter, as the code at callout C shows. This step needs to occur because if you execute the script against an NT 4.0 server, the Subinacl command will return an actual username rather than the cryptic SID. Because ownedby.cmd includes this extra bit of code, you can execute the script on newer Windows Server 2003 and Win2K systems as well as older NT 4.0 systems. . . .
Register
