Re: File Permission Audit Tool - Windows

---

• From: "Jay" <jay.tomas@xxxxxxxxxxxxxxx>
• Date: Wed, 26 Sep 2007 08:42:01 -0400

---

Not sure if it will get as granular as you require but Access Enum may be a viable option?

http://www.microsoft.com/technet/sysinternals/Security/AccessEnum.mspx

Jay

----- Original Message -----
From: krymson@xxxxxxxxx [mailto:krymson@xxxxxxxxx]
To: security-basics@xxxxxxxxxxxxxxxxx
Sent: 25 Sep 2007 21:06:17 -0000
Subject: Re: File Permission Audit Tool - Windows

I wish I could give you an easy open source/free tool, but I can't. Hopefully someone else can so I can also use it. :)



In case you do talk to some vendors, the biggest problem with reporting permissions is dealing with duplicates. Tools like xcacls will report every single object or folder, whether it is inherited or different from its parent. You really want to eliminate all that garbage and only report explicit permissions, with the assumption that inheritance is otherwise present downstream. Almost an exception report.





1) Free, but nearly useless

You could use cacls/xcacls, but the output you get will be next to useless.



2) Free, but a little effort

Windows PowerShell allows for some excellent scripting of permissions audits and other such stuff. If you know PS, you should use this as it affords you a lot of customizable power.



3) Commercial, but very cool

I really enjoyed my trials of ScriptLogic's Enterprise Security Reporter [1] a year ago. You can get some nice reports on permissions



[1] http://www.scriptlogic.com/products/enterprisesecurityreporter/



<- snip ->

I am looking for audit tool that will give me a report on all the file permission on a windows 2000/2003 servers. I will prefer open source but would be willing to look at commercial software if it is superior.

---

• Prev by Date: RE: File Permission Audit Tool - Windows
• Next by Date: Re: File Permission Audit Tool - Windows
• Previous by thread: RE: File Permission Audit Tool - Windows
• Next by thread: Re: RE: File Permission Audit Tool - Windows
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: NTFS File Permissions. ... When you restore this to ... Microsoft MVP (Windows Security) ... > I have set file permission in windows 2000 for users on a local ... Is there a utility that can remove all file permissions on a disk? ... (microsoft.public.win2000.security) Re: want to delete a file ... ithe help section of a program I don't understand things I am being told to ... file permission for file I don't know where to go. ... "Pat Garard" wrote: ... > Are you using Windows Explorer? ... (microsoft.public.word.newusers) Re: Problem opening word document ... in Windows? ... Arv Sinha wrote: ... Error message says ... > look for file location and check file permission. ... (microsoft.public.word.docmanagement) File Permission Audit Tool - Windows ... I am looking for audit tool that will give me a report on all the file permission on a windows 2000/2003 servers. ... I will prefer open source but would be willing to look at commercial software if it is superior. ... (Security-Basics)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)