NTFS Permissions reporting is a good way of auditing the level of access that users have on files and folders so that maintaining NTFS folder security is enhanced.

Managing folders is a difficult task since it requires constant monitoring of the NTFS permissions to avoid unauthorized access. However, if you have a good tool, you can conveniently present easy-to-read reports listing the permissions granted to a user or a group of users.

Here are five free tools that will save your time and headache by giving you easy-to-read folder permissions reports for your analysis.

1. Tool: NTFS Permissions Reporter

The NTFS Permissions Reporter (the free version) by Cjwdev is an excellent tool that allows you to export file and folder permissions for further reviewing.

You can download the tool from here.

Once installed, you can right click on any folder in your Windows Explorer and select the “Report Permissions” option. Thereafter, you’ll be directed to the tool’s main page for you to see the various permissions associated with the folder.

Here are some of the key features of the free version of the tool.

• Colorized report results—After selecting the folder you want to view its NTFS permissions by clicking “Add” and clicking “Run Report”, you’ll be presented with a report of the permissions in various colors, allowing you to make a proper analysis. For example, Full Control permission is colored in red while Read and Execute permission is colored in green.

• Varied reporting formats—depending on your preferences, you can choose either the tree-based or the table-based report format. You can change the format on the “View” tab or by checking one of the radio buttons on the lower section of the tool.

• Ability to show group members—the tool has option that allows you to view members of groups directly within the released report. You can activate this feature by checking the “Show members of groups” button as well as the associated buttons.

The NTFS Permissions Reporter exports the folder permissions reports as HTML files. Just click the “Export Report” button to export the results.

Here is an example of a report.

2. Tool: Netwrix Effective Permissions Reporting Tool

With this freeware tool, you can easily get comprehensive reports regarding the users with different levels of access permissions in your active directory domain as well as file/folder shares.

You can download the tool from here.

To use the free tool, you’ll need to click the “Add” button.

A window will pop up asking you to specify the network resource for checking its effective permissions—either Active Directory or File Path.

Then, click “Start Scanning” and the results will be delivered in an HTML file.

Here are some of the key benefits of the tool.

• Gain control over permissions—with the tool, you can view file and folder permissions in a single report, together with details of whether the permissions were allocated explicitly or through inheritance.

To see the inherited permissions in the results report, check the “List objects with inherited permissions” button.

• Limit excessive permissions—you’ll get comprehensive information you can utilize to revoke unwarranted access rights and therefore ensure users do not gain excessive permissions.
• Ensure compliance— The Netwrix effective permissions reporting tool can help you gather proof that every permission corresponds with the stipulated employee roles in the organization.

Here is an example of a report generated using the tool.

3. Tool: Permissions Reporter

The Permissions Reporter (the free version) by Key Metric Software is another powerful tool you can use for scrutinizing Windows NTFS file systems.

You can download the tool from here.

Although this tool looks like Cjwdev’s NTFS Permissions Reporter, it has more features and a better-looking interface.

Here are some of its key features.

• Folder Permissions Tree—to get the folder permissions report, you’ll need to click “New Project” button, and follow the prompts. Thereafter, you’ll be presented with a hierarchical view of the NTFS permissions in various colors on the Folder Permissions Tree, allowing you to make proper analysis.

• Folder Permissions Report—this section gives a “flat” view of folder permissions, together with advanced sorting, filtering, and grouping options. This way, you can conveniently retrieve the report you want.

• File Permissions Report—here, you can see files with permissions not inherited or not the same with their parent folder. You’ll also get other advanced capabilities to easily retrieve the report you want.

• Other Reports—the File Owner Report allows you to assess how users and file types are consuming the available disk space.

And, the Share Permissions Report gives a quick glance on the levels of access accorded to various users.

If you want to export the report data, just click the “Export” button.

The report will be given in HTML file format. Here is an example of a report.

4. Tool: SolarWinds Permissions Analyzer

This is a handy tool that allows you to get instant visibility into the permissions accorded to various users and groups. With this free tool, you can get comprehensive information about NTFS and share user permissions with just a few clicks.

You can download the tool from here.

Although SolarWinds Permissions Analyzer does not allow you to export folder permissions reports, you can achieve several things with it, including:

• Quickly identifying the level of permissions accorded to a group or a user. To do this, you’ll need to insert the name of the group or user in the “Group or User” section, browse the specific file or folder, and click “Analyze”.

• Conveniently analyzing how the permissions granted to a user are inherited. If you click the plus button, you’ll get further details on the inherited permissions.

5. Tool: FolderSecurityViewer

This is a versatile, free tool that will enable you to get reliable reports on the NTFS permissions accorded to your folders and shares.

You can download the tool from here.

In terms of ease-of-use and speed, the FolderSecurityViewer is clearly ahead of the other free tools.

Here are some key features of Permissions Report section of the tool:

• Easy-to-read report—you will be provided with a well-presented report detailing the security settings of the specified folder in your Windows environment. You can also sort the report to get the specific details you require.

For example, you can click the “Access Control List” button at the bottom of the tool, and a window will pop up providing the levels of privileges given to various users.

• Compare folders—you can trace differences in the security settings existing between the present folder and its lower folder hierarchy.

• Traverse nested groups— the FolderSecurityViewer will traverse nested Active Directory groups to ensure that all the permissions associated with the folder are reported.
• Different reporting formats—depending on your preferences, you can export the folder permissions report as excel, CSV, or HTML. Just click the small button at the top of the tool, and the options will pop up. In the free edition only HTML reports are enabled.

 

 

• Exporting —Here is an example of a report in an excel sheet:

• Active Directory Group Browser —With this nice feature you can show group members (direct and nested) 
  directly out of your NTFS Permissions Report. Just click any AD group in Access Control List view to show the group members and even walk through all nested Active Directory groups to gather all needed informations. Using this feature every data owner can have a deep insight in given permission structures without the need of using Microsofts built-in tools nor having special permissions to use them.

• Save and Load Reports / Compare Reports —These features are only offered in the Company Edition of this tool. Save any report to load it again at a later time for deeper analysis is offered either using the built-in database or by configuring an external database (MS SQL Server). In latter version you can share your reports with other users. Using the Compare Report feature you can compare any saved NTFS Permissions Report to show the differences between them. Here is an example:

But FolderSecurityViewer offers some more reports in the Free Edition:

• Share Report— In Share Report you can scan the network for all servers providing share services. You can select Computer Accounts from Active Directory, too or add the servers manually. Selecting a share lists all details and the assigned share permissions. Even you can generate a NTFS Permissions Report from this point.

• Folder Report— In Folder Report you can see all sub-folders of a specific folder, as well as their owner, size and file count, in a flat list.

• Owner Report— In Owner Report you can see all folders within a specific share or folder where the owner of it is a specific user. Here you first select a user principal from Active Directory, and then select a share or a folder where to search.

Conclusion

The security of the data in your network is important. With a good NTFS Permissions reporting tool, you can easily identify the level of access privileges accorded to different users, allowing you to proactively prevent misuse and data breaches.

With any of the above free tools, you can conveniently stay on top on the permissions granted to users and guarantee the safety of your network.

Prevent Unauthorized Access to Sensitive Windows Folders!

If you want to give FolderSecurityViewer’s Free Edition a try, you can request your download here: NTFS Permission Reporter