Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 845
  • Last Modified:

File Permission Management Software

We've been searching for software that will help us manage our file/folder permissions with Active Directory users/groups.

We've seen a demo by Varonis DatAdvantage and it's very impressive.  The price tag is not:  $70,000 initial fee, then $14,000 after that per year.  We have ~650 users.

Are there any competitors or software similar to this?
0
trippleO7
Asked:
trippleO7
  • 3
  • 2
  • 2
1 Solution
 
Henrik JohanssonSystems engineerCommented:
You can do it with built/in functionality in Active Directory by creating GPOs and setting the necessary permissions in Computer Configuration\Windows Settings\Security Settings\File System
Right-click and choose Add File
Browse to the folder for existing paths on the current computer or add a manual path in the input field for paths that doesn't nead to exist.
Click ok and choose the necessary permissions..

Link the GPO to an OU with computer objects.
0
 
trippleO7Author Commented:
Thanks for the reply.  We're looking more towards software that would allow us to basically click on a file, see the permissions (similar to what's built-in to a Windows OS), and then go a step further to be able to click on a user or group to be able to see what folders they have permission to and what level of permission.  Then to be able to make changes on the fly as needed.

It would serve as a Auditing and Security compliance, as well as permission management.  I hope that explains it in better detail.

An example would be:  The head of HR comes down and requests to see if a certain person has access to a particular folder, or to see everything this person has access to, on the network, it's proving to be difficult for us (IT Dept) to gather that information.

Another example would be:  One person leaves the company and a replacement is hired.  We are given the task of granting this new person access to everything the previous employee had access to.  It seems nearly impossible to complete this type of request.

0
 
Henrik JohanssonSystems engineerCommented:
Yes, reporting is always an issue...
Take a look on Hyena, www.systemtools.com, which maybe does what you want.

When replacing a user to give the new user the same permissions, just rename him to keep the SID or always use groups when setting permissions. Setting permissions directly to an user will be easy for the moment, but will be a real pain in the future when neading to clean up and remove permissions.
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
tigermattCommented:
Hyena will do the job of showing you what resources, files and folders a user has access to on the network, and it's not as expensive.

>> "We are given the task of granting this new person access to everything the previous employee had access to"
It would be a lot better if you created groups to do this sort of thing. You would assign all of your common permissions say for a particular department to one security group, then just make users a member of that group and use the GROUP on the NTFS security over the folders. Doing this means you keep things tidy by not defining individual user accounts on the file system, and for the replacement user, you just need to make them a member of the same groups and all permissions will be inherited down to them.

-tigermatt
0
 
trippleO7Author Commented:
Thanks.  I didn't know Hyena had this capability.  We actually own a license of it so I will be checking it out.  I'm able to see which users/groups have permissions to a particular folder, but not the opposite.  I'll have to look at how to do this.

The group thing is what got us started looking at a solution like this.  We have too many folders with individual user accounts and we have a security overhaul starting in the next few months.
0
 
tigermattCommented:
>>> "a security overhaul starting in the next few months."
It will be for the better, I can guarantee!

Good luck with Hyena, please post back how you get on.
0
 
trippleO7Author Commented:
I haven't figured out how to check a user/group within Hyena to verify which shares it has access to, but I have an open question on the Hyena Forums about it.  I will post back what I find out.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now