Solved

Security Matrix for user and group permissions

Posted on 2009-04-07
2
2,187 Views
Last Modified: 2012-05-06
I have been looking for a way to show clients/managers an easy to read visualization of what users belong to what groups and what permissions they have for their folders.

In the past I would just create an excel spreadsheet and update it by hand but it seems there would be an easier way to really show this to someone who may or may not have much technical knowledge.

I am looking for any tools or templates that would allow me to get this information and/or generate a report for a good way to show this.

2003 based file shares with active directory permissions.

0
Comment
Question by:mgthomas0
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 15

Assisted Solution

by:zelron22
zelron22 earned 50 total points
ID: 24093618
Access Enum and Share Enum will give you what users/groups have permission to what.
http://technet.microsoft.com/en-us/sysinternals/bb545046.aspx

0
 
LVL 18

Accepted Solution

by:
Americom earned 75 total points
ID: 24094159
See if these tools help. The one that you need to pay gives you more option such as report permission in excel, html, and pdf formats etc.

You can use a free tool "SubInACL" from Microsoft:
http://www.microsoft.com/DownLoads/details.aspx?familyid=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain.

http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx
This tool shows you the accesses the user or group you specify has to files, Registry keys or Windows services

or if you want to spend some $ on another product specifically for file server from ScriptLogic:
http://www.scriptlogic.com/products/security-explorer/

Or if you have the more $ to spend, you can get the ESR from ScriptLogic:
http://www.scriptlogic.com/products/enterprisesecurityreporter/
This product is more than just for file/folder permission, it is also to report Active Directory object status etc.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question