Documentation

Permissions Reporter Help

Principals Report

The Principals Report provides a comprehensive view of all security principals (users and groups) that have permissions within your scanned folders. This view helps you understand who has access to your file systems and enables you to audit permissions from a user-centric perspective.

Accessing the Principals Report

After completing a scan, click the Principals tab in the main view area to display the Principals Report. This view aggregates all unique principals found across the folder permissions data.

Principals Grid

The main grid displays one row per security principal with the following columns:

  • Account - The account name or SID of the principal. For resolved accounts, this shows the domain\username format. Unresolved accounts display the raw SID.
  • Display Name - The friendly display name from Active Directory, if available.
  • Type - The principal type: User, Group, Computer, or Unknown.
  • Domain - The domain or machine name where the principal is defined.
  • Department - The department attribute from Active Directory (users only).
  • Title - The job title attribute from Active Directory (users only).
  • Manager - The manager attribute from Active Directory (users only).
  • Statistics - A summary showing the number of folders where this principal has permissions.

Click any column header to sort the grid by that column. Click again to reverse the sort order.

Principal Details

Click on any principal row to expand the details panel, which contains four tabs:

Details Tab

Shows extended information about the selected principal, including:

  • Full distinguished name (DN) for Active Directory objects
  • SID (Security Identifier)
  • Account status and type
  • Additional Active Directory attributes when available

Members Tab

For group principals, displays the direct members of the group. This requires group member extraction to be enabled in the Group Member Extraction project settings. The members list shows:

  • Member account names
  • Member types (User, Group, Computer)
  • Nested group membership (if recursive extraction is enabled)

Member Of Tab

Shows the groups that the selected principal belongs to. This information is extracted from Active Directory when available and helps you understand effective permissions through group membership.

Statistics Tab

Provides detailed statistics about where this principal has permissions:

  • Total folder count - Number of folders where this principal has explicit permissions
  • Permission breakdown - Count by permission type (Full Control, Modify, Read, etc.)
  • Inheritance statistics - Count of inherited vs. explicit permissions

Filtering Principals

Use the filter row at the top of the grid to narrow down the displayed principals. You can filter by any column:

  • Type text in the filter boxes to match values containing that text
  • Use the Type column filter dropdown to show only Users, Groups, or other principal types
  • Combine multiple filters to create complex queries

See Filtering for more information about filter syntax and options.

Exporting Principals Data

The Principals Report can be exported along with other report data. When exporting, enable the Principals option to include this data in your export files. The exported data includes all visible columns and can be filtered before export.

Excluding Principals

To reduce noise in your reports, you can exclude common system principals such as SYSTEM, Administrators, and service accounts. See Excluded Principals in Project Settings to configure which principals should be omitted from the folder permissions report.

PRODUCT

FEATURES

SUPPORT

SAFE. TRUSTED. GUARANTEED.

  • 100% malware free
  • 100% spyware free
  • 100% adware free
  • 100% quality software