I've been reading the little help screen on trustee.nlm and also TID 2971887
but I can't seem to get it right

trustee effective groupname.context outputfile - this works but shows me for
whatever the default path is. Nice but not terribly useful. What I need is

trustee <grant read and filescan> <volume:path\filename.ext>
<groupname.context> <outputfile>

Can trustee.nlm even do this? The issue is that we have some files that
regularly get deleted and recreated, and the rights to them disappear. The
filing system is out of our control - we need to manage this on a file
level, not a folder level. The current solution is to run RIGHTS in a batch
file but it doesn't always work and I want to automate it at the server, not
a workstation.