Today we're going to look at some of the Best NTFS Effective Permissions Software and tools to help you analyze, create reports and secure files, folders and active directory elements from abuse and mis-configuration!
Keeping track of your local NTFS Permissions is essential if you are looking to stay on top of all of the critical elements that are required of you as a system administrator.
There are many different metrics that you need to take into consideration across multiple domains, many of which require manual inspection and inconvenient tasks like trawling through log files and checking the Active Directory permission structures user by user.
Not only is it a waste of time that could have been far better spent with more productive tasks, but it is seriously not fun having to check each user and make note of their group and file permissions.
Luckily for us there are some really good applications that have been developed over the years which have made the need for manually trudging through long lists and log archives to try and find the information that you need.
Instead, wizards and step by step report builders will guide you through the process, so you can get the information that you need in next to no time at all.
We will be looking at some of the better examples that are out there, as well as how they work and what separates each one from one another.
These should make your daily workload that much lighter, and more enjoyable.
Let’s take a look and see which of these applications have the right balance of usability and functionality, while meeting your budgetary and technical requirements.
Here's the Best NTFS Permissions Reporting Software & Tools of 2020:
- Solarwinds Access Rights Manager (formerly 8man)
- Permissions Analyzer for Active Directory
- CJWDEV
- ManageEngine ADManager Plus
- JamSoftware
- AD FastReporter
- NTFS Security Auditor
- DSRAZOR
- NTFS Permissions Auditor by Albusbit
1. Solarwinds Access Rights Manager – BEST Choice!
Solarwinds Access Rights Manager is an application that has been designed to make the work of IT administrators much easier by analyzing user permissions and authorizations for Active Directory, Microsoft Exchange and file shares.
This helps to protect the overall security stance of the organization from common security threats such as viruses and hackers, while minimizing data loss and leakage.
Access Rights Manager allows admins to:
- Save Time by Automating User Access Management Tasks and Analysis, while Streamlining enforcement processes by identifying compromised and unsafe accounts and keeping comprehensive logs and audit trails.
- Be more productive by generating comprehensive user access reports, which allows your team to remain compliant with regulatory requirements.
- Simplify the user management process by providing user templates that let you quickly and easily provision and de-provision large numbers of people with a few mouse clicks.
- Permission management is offloaded onto users with a self-service portal that means that your team can get more work done without having to get involved with user shares and permissions.
The benefits of using Solarwinds Access Rights Manager are easy to see, as it allows admins to monitor Active Directory and Exchange, while auditing and file shares are all handled from a single application.
Even SharePoint is accessible to the application, giving your team valuable information about the current state of your intranet.
User management and provisioning makes it easier than ever to add and remove users.
If you want to take a look at this awesome application, download it from 100% Free for 30 Days!
Download:
https://www.solarwinds.com/access-rights-manager/registration
Pricing:
Download 30 Day Trial FREE!
2. Permissions Analyzer for Active Directory – FREE
Solarwinds have yet another tool for analyzing and auditing users and network shares on your Active Directory, aptly named Permissions Analyzer for Active Directory.
It lets you sort through the sometimes never ending mess and chaos of a disorganized permission set for Active Directory users, network shares and shared folders.
It is also very useful for file and user permissions as well as group management.
- It lets you see how user permissions are inherited through the hierarchical structure
- You can browse through all of the permissions and order them by group or individual user
- Get a better idea of user permissions by viewing group memberships and permissions
It is really important to quickly check through the Active Directory setup of your environment as soon as possible, and what better way to accomplish this than with a free and easy to use tool like SolarWinds Permissions Analyzer for Active Directory?
It has all of the basic functionality that you could need.
It is limited in reporting and advanced features, but as a free and easy to use tool it is really valuable.
Download:
https://www.solarwinds.com/free-tools/permissions-analyzer-for-active-directory/
Pricing:
100% Free For Life
3. CJWDEV
CJWDEV is a suite of tools that system admins have come to know and love over the years.
They offer many different useful Active Directory and NTFS Permission functions, which are all really useful.
NTFS Permissions Reporter is a tool that you can use for creating reports about permissions across many different domains and servers.
A single report detailing what permissions are active across your network will give you an excellent idea about what the current state of security is on all of your NTFS shares.
You can also drill down and create more specific reports to show permissions relating to specific users and group. AD Permissions Reporter is another excellent tool that you can use to quickly generate reports for the current security permissions across all of the OUs and other objects that are present on your Active Directory.
You can filter out specific results and generate reports that give you all of the knowledge that you need to make better decisions across your network.
Other tools that are available from CJWDEV are:
- AD Info:
With this tool you can quickly query your active directory and the rest of your domain, you can quickly generate a report that outlines all of the objects on the AD such as users, computers, groups and printers. The tool is easy to use and extremely powerful - AD Tidy:
Just as you would expect, the AD Tidy tool lets you clean up the Active Directory by targeting inactive and dormant accounts. It gives you the options to remove the accounts from all groups, to delete the individual accounts, to move or disable them, or to export all of the details to a CSV file. - Service Credential Manager:
This is a useful tool for finding and reporting on accounts that manage tasks such as scheduled operations and can update them to use new credentials if you have had to change the account names for scheduled tasks, or you have changed the password to the main account. - AD Photo Edit:
This is a user friendly application that lets you upload user photographs to the thumbnailPhoto attribute in Active Directory. This is much easier than manually uploading each picture for individual users.
There are many more applications that you can use in your environment besides the ones listed here, which can all be located here.
Being able to quickly and easily generate reports that detail the current state of your Active Directory is really important, so any one of these great apps could be of great use to you and your team.
Download:
http://www.cjwdev.com/Software/NtfsReports/Download.html
Pricing:
You can contact the sales team here for pricing
4. ManageEngine ADManager Plus
ADManager Plus is a a straight forward, easy to use, simple Windows Active Directory tool.
It allows users to generate reports and manage the Active Directory with an easy to navigate application that will give you and your team an amazing overview of what is going on within your Active Directory.
ADManager Plus is a web-based solution for all your Active Directory (AD), Exchange, Skype for Business, G Suite, and Office 365 management needs.
It simplifies several routine tasks such as provisioning users, cleaning up dormant accounts, managing NTFS and share permissions, backup and recovery of objects, and more.
ADManager Plus also offers more than 180 prepackaged reports, including reports on inactive or locked-out AD user accounts, Office 365 licenses, and users' last logon times. Perform management actions right from these reports.
Build a custom workflow structure that will assist you in ticketing and compliance, automate routine AD tasks such as user provisioning and de-provisioning, and more.
One of the best features that you and your team will find especially useful is the bulk management tools that let you quickly and easily manage the user accounts on your network.
It helps you to solve a few common issues such as:
- Repetitive and continual tasks such as user creation and removal, share creation and removal, and much more
- Automate management and reporting tasks
- Create, modify, manage and delete AD objects in large quantities
- Mobile app for managing the Active Directory from anywhere that has internet access
- Great for audits as it provides in-depth information about the current state of your environment
Benefits of ADManager Plus include:
- Simplify identity and access management across multiple platforms. Create and manage identities with all entitlements, set or modify group, NTFS, and share permissions granularly, and more, all from a single console.
- Library of more than 180 prepackaged reports on AD, Exchange, Office 365 and more, with built-in management actions. Manage and report on AD users, and more from mobile devices using native Android and iOS apps.
- Automate, monitor and streamline management and reporting operations, and prevent unauthorized changes with approval-based workflows.
- Take incremental backups of all AD objects, and perform attribute-level restoration of objects without restarting your DCs.
- Delegate management and reporting operations without modifying the AD permissions of any technician.
The combination of on premise Active Directory management combined with a mobile app makes this a great way for your team to stay on top of the daily tasks that you need to get the job done.
Compliance through audits and reports will give you the edge when you are dealing with audits and compliance reports.
If this application is something that sounds like it could be useful on your network, then check out the link below to Request a download.
Official Website:
https://www.manageengine.com/products/ad-manager/
Download:
https://www.manageengine.com/products/ad-manager/download.html
Pricing:
You can request a quote from here.
5. TreeSize from JAM Software
TreeSize is an application that lets you manage the space of your computers and servers while breaking down the space allocations of each file type.
It allows you to see the size of your folders as well as the sub folders, and gives you a breakdown of the contents of each folder with the file types contained within.
It gives you a visual view of what is happening with disk usage as a pie chart or a bar chart.
There are also tree maps that give you a proper idea of the hierarchies contained in the folder structures within the file system.
If you need to find out about the access logs for a specific system, then you can take a detailed look at the files and when they were last opened, and by whom.
Users can even open up a chart that gives statistical information about the files on your hard drive. It also features:
- An integrated search for easy file investigation
- Search for files with customizable queries
- Results can be archived, copied and moved
- You can scan from single machines to the entire network
If you need visualization tools for your files and hard drive usage, and need to view file access and sizes, then this is an excellent application for your digital tool kit.
You can create impressively complicated reports for compliance purposes, export data, create scheduled events such as scans and also track the growth of your fie storage across multiple devices.
Download:
If you want to try out a trial version of this handy application then you can download it from here.
Pricing:
Pricing starts at around $50 dollars for a single license, but a full price list can be found here.
6. AD FastReporter by AlbusBit
AD FastReporter is a tool that has been designed to make your workload much lighter, and has been designed to help create reports that give valuable information about your current Active Directory setup.
Using AlbusBit AD FastReporter is a much simpler solution to using LDAP commands or learning how to script.
All you need to do in order to create AD reports quickly is to select the required fields of your choice, such as users, computers, groups, exchange, contacts, printers, and more.
You can also isolate the GPO and OU details to see what is happening within your network. Other features include:
- Quick setup – getting started is quick and easy
- Simple GUI – Easy to use
- Fast Reporting – Get your information compiled into good looking reports in no time at all
All of your AD reporting requirements taken care of and easy to use, for user reports, you can get all of the information that you need such as: user status, recently modified users, bad password attempts, view users that need to change their passwords, see which users have a password never expires flag.
Computer reports are also easy to generate, allowing you and your team to see which resources have been modified, created, or even what version of Operating System they are running.
Download:
You can find the download link on this page here.
Pricing:
They offer a FREE Version and then Single licenses start at $99, with multiple site licenses costing up to $499. The pricing guide can be found here.
7. Vyapin NTFS Security Auditor
Vyapin NTFS Security Auditor is an NTFS permissions tool that allows users to gain valuable insights into how the permission structure is currently configured within your environment.
You can audit and create the reports for all of the auditing requirements that you may have, which makes this tool especially handy if you plan on using it for audit preparation.
You can easily look at what file share permissions are currently active, just as if you were using the Windows File Server audit, which means that you can easily track the permissions of users and groups pertaining to objects such as folders and files. Other features that are included in this application are:
- Security Viewer:
Easily view and assess the whole file system and permissions of servers from within a single viewing point. You can view the basic or advanced settings of each machine, depending on what is required. - Configuration Settings:
From here you can quickly setup your SQL connections and SQL server settings. From here you can also configure your data collection and email settings as well for convenient notifications. - Reports:
The list of reports is quite extensive, so you can find the right report for your specific requirements - Scan Profiles:
You are able to use this feature to quickly scan your environment using predefined templates. This is useful if you need information quickly and don’t have time to configure reports from scratch. - Power Search:
From here you can setup your own search queries, giving you far more flexibility and customization options when compared to the preexisting reports that come standard with the application.
If you need a straight forward auditing and reporting tool for your NTFS shares, then you can’t go wrong with VYAPIN NTFS Security Auditor.
It features all of the basic and advanced features that you would need to report on the current state of NTFS shares, as well as authorized users from a single application.
This makes the task of creating comprehensive reports much easier, giving you the freedom to complete other work while still meeting the information requirements of an audit.
Download:
Download from here.
Pricing:
Request a quotation from here.
8. DSRAZOR for Windows
DSRAZOR for Windows is a user friendly application that sees itself as a point and click style program for reporting, management and delegation.
It allows you to report on the Active Directory settings within your network, as well as the Windows File Sharing settings that are currently being used across your network shares.
The Active Directory segment reports on users, groups, computer, and other information that you would need for your reporting requirements. You can also manage and delegate standard active directory functions such as create, modify, and deleting users, as well as moving them.
Other Features of this Software package include:
- File Permission Reporting
- Active Directory Reporting
- Active Directory Mangement
- Exchange Management
- Office 365 Management
- Task Delegation
This application offers detailed information about the current state of affairs on your network, and is sure to be of great utility to anyone that needs to manage the tasks of their Active Directory on a day to day basis.
There is a good mixture of features that make this a worthy choice if you find yourself getting stuck performing the same tasks every day, which is sure to save you some time.
If you want to take a look at this application and get it installed, you can find a download link below!
Download:
https://www.visualclick.com/content/freetrial_request.htm
Pricing:
Pricing starts at $500 per year for 200 enables user objects. Full pricing can be found here by requesting a quotation.
9. NTFS Permissions Auditor by Albusbit
Albusbit was also mentioned above for their AD reporting Features, but they've also contacted us to add their NTFS Permissions Auditor tool as well.
This tool helps you quickly Manage Access to Folders & Files within your NTFS systems as well as Analyze, Verify and Review any NTFS permissions on files/folders within the program itself.
Some Features and capabilities include:
- Audit and Export Reports to XLSX, CSV, XML, HTML or PDF file formats
- Display critical Acct Information (including SID, Description, Department, etc)
- View and Analyze File and Directory Permissions for Users, Groups and Computers
- Directory/Folder and User Exclusions from Reports to Limit your Audit Depths and analysis
- Compare NTFS Audit Reports to see changes in Permissions, Groups and Modification Dates
- Auto-discovery of Windows Shares & Admin Shares
This tool has many great features and capabilities that offer an in-depth look into your NTFS File and Folder permissions that many other software solutions simply do not have.
They even Offer a Free Version of the program which offers in-depth Audits and a Paid version for $199 that has advanced Features, Filtering and Reports.
Download:
https://albusbit.com/NTFSPermissionsAuditor.php
Pricing:
They offer a 100% FREE Version that lets you run Audits and a Paid Version for advanced Filtering and Reports for $199
Conclusion
There are many different applications out there for you to choose from if you are looking to ease your administrative burden while working with Active Directory and NTFS shares on a daily basis.
There are plenty of things that you need to be aware of and keep on top of, such as user accounts, devices and active file shares.
If you are not fully aware of unsafe file shares on your network, then you are probably at risk from unauthorized user access, or malicious software such as ransomware and other crypto-based threats.
Be sure to check out each of the products that we have reviewed above, and find your favorite. Try downloading a few, and see which one suits your needs the best.
There are so many useful features that could be very hand for the average system administrator, so be sure to consider each one on its own merits, and how each might be used within your own Active Directory setup.
