Auditing NTFS Permissions
Permissions Reporter software provides a number of features that enable the creation of scheduled permissions audits for one or more NTFS file systems. In this article, we'll take a closer look at how to build a custom permissions audit report that runs on a scheduled basis with delivery via email.
Audit Report Criteria
Permissions Reporter offers permissions data filtering capabilities that allow you to quickly answer questions such as:
- Which folders have open permissions (e.g. grant full control to everyone)?
- Which folders grant permissions to disabled (or unresolvable) accounts?
- Which folders do not inherit their permissions?
- Any many, many others.
Crucially, Permissions Reporter filters can be applied either after a file system analysis completes - or during the scan. The latter is called Project Scan Filtering because the filter criteria are stored within the project itself and are applied as the scan progresses. This can be highly advantageous, as it allows you to scan large file systems while only capturing specific permissions details.
Now let's create a new project for the purpose of generating a simple permissions audit report.
With Permissions Reporter running, click the New Project button in the main window toolbar. The Project Settings window will appear. For now, leave all the project settings at their defaults, then navigate to the Scan Filter tab and follow these steps:
- Select the Enable scan filter for the current project checkbox
- Click the Add button
- Select Add quick filter
- Choose Show only permissions allowing everyone full control
We now have a project that will audit your OS drive and report on any folders granting full control to the "everyone" or "authenticated users" groups. Save the project and then run it by clicking the Run Project button in the main window toolbar to view the results.
Note: Feel free to adjust the project scan filter if this one doesn't produce useful audit results on your computer.
Scheduling the Audit Report
Next, we'll schedule the execution of this project to produce an audit report that is delivered via email.
- Click the Save button in the main window toolbar and select a storage location for your audit project (i.e. "c:\audits\project.xml").
- Click the Scheduler button in the main window toolbar. The Scheduled Tasks window will appear.
- Click the New button in the Scheduled Tasks window. The Task Editor window will appear.
Now we just need to configure our scheduled audit task, as follows:
- For the Project path field, specify the path that you chose earlier when saving the project.
- Check the Excel file checkbox in the list of export options and specify an output path (i.e. "c:\audits\exposed-folders.xlsx").
- Click the Email report checkbox option and enter your email address (note: this requires valid mail server configuration in the global options window).
- Finally, select the Schedule tab of the Task Editor window and choose your desired delivery interval.
Click Save in the Task Editor to save the permissions audit report. You will be returned to the Scheduled Tasks window, where we recommend you select your newly created task and Run it for testing purposes.
This article has shown how you can schedule email delivery of a custom NTFS permissions audit report (in Excel file format) with Permissions Reporter.