NTFS Security Management Suite
Contents
1. 430 Chapter 4 NTFS Security Manager e Click the option Copy to copy all the permissions entries that were previously inherited from the parent to this current shared folder s files permissions list e The updated permissions list with copied permissions from the parent object as shown below Permissions Modifier Grant permissions Accounts Basic Permissions Permissions g Add Domains Refresh CREATOR OWNER o lt No Share Profile found Configure NT AUTHORITY SYSTEM Domains BUILTIN Administrators d ADVENTURE BUILTIN Users P c Domain Controllers ADVENTUR E adminuser 66 apas ADVENTURE alec a Ba ARDAN ADVENTURE Martin pa wRD4922 aa WAD4S Address Accounts Advanced Permissions E WRD49 admin folder AccountName ACEType Inherted fa WRD4S ADMINS CREATOR OWNER Allow EX WRD49 basic per NT AUTHORITYSSYST Allow E8 WRD49 Bulk Test folder BUILTIN Administrators Allow E8 WRD49 Bulk test folder BUILTIN Users Allow a WRD4S BulkTestwithOu BUILTIN Users Allow EE WRD4S CS BUILTIN Users Allow EE WRD4SNDS ADVENTURE adminuser Allow fa WRD4SKES ADVENTURE alec Allow a WRD4S E ff supp folder E SS ea an p Select Applyonto option i Curent owner BUILTIN Administrators EE WRD49 ExchangeOAB Sas ec Se Ea RP SD ad DEA ea e Prete Cae eee 52 pe misions to objects ar id or ot es Allow Inherited permissions fram the parent Bee eee ie a tee ee eae atac2. Cancel Apply onto Select Apphronta option T Apply these permissions to objects andor containers within this container only Select Scan Profiles Shares and follow the steps below e Select Shares profile and enumerate its shared folder s file s list e Select a shared folder file path 398 Chapter 4 NTFS Security Manager Accounts Basic Permissions Permissions ADVENTURE alec Scan Profiles Computers ADVENTURE Martin al Share Server ADVENTURE alex Scan Profiles Shares ADVENTURE Rabin l Public Shares ADVENTURE Richard i ES WRD46 Testshare BUILTIN Administrators J E NT AUTHORITY SYSTEM 7 JE WRD49 Permission folder fag WRD49 Share eee a theese Eee faa WRD49 Shared folder Account Name ACETyp Inherited Domains ADVENTURE alec Deny No ay Local Drives ADVENTURE alec Allow No ADVENTURE Martin Allow No ADVENTURE alex Allow No ADVENTURE Rabin Allow No ADVENTURE Richard Allow No BUILTIN Administrators Allow Yes NT AUTHORITY SYS Allow 2S 1 a Curent owner BUILTIN Administrators Apply onto Select Applyonto option Apply these permissions to objects andor containers within this container only Allow Inherited permissions from the parent to propagate to this abject Replace Remove apply Select Domains and follow the steps below e Select one or more servers to enumerate its shared folder file path e Select a shared folder file path Se
3. Saved Permissions Templates Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type grant permission task fortest share Grant gt copy permissions task for evaluation Copy 2a copy pemissions task for adminshare Copy View Details The saved templates window allows you to perform the following operations e Open an existing template e Delete a template e Preview the contents of a template Open an existing Template 1 To open an existing Copy permissions template select the Copy permissions template and click Open button in the window The Copy permissions Dialog will appear on the screen which will allow you to edit the selected template 2 During edit operation you can modify the computer list and permissions entries however you cannot modify the name of the template 461 Chapter 4 NTFS Security Manager Delete a template To delete a Copy permissions template select a Copy permissions template which you want to delete and then click Delete button The selected template will be deleted permanently Preview the settings of a Template To preview the settings of a saved Template select a saved Copy permissions template and then click View Details button The settings will be displayed in a window
4. Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail Highlight Errors Access is denied The specified network name is no longer available The specified path file name or both are too long Indude errors as part of the report E Highlight Items Permissions Acco F Blocked Inheritance F Full Control E Modify F Delete Indude group members Indude group membership Indude SID 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 3 You may also select Highlight Items for highlighti
5. 282 Chapter 3 NTFS Security Auditor List of all permissions for folders Inherited amp Explicit This report lists the permissions explicit and inherit assigned to the users for a set of folders a3 Shares Folders and Files a Shares and Resources Select option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection P Power Export Built in Reports Step 1of7 Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files Se List of permissions for files 3 B List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files E List of effective permissions for specific users and groups on folders E List of effective permissions for specific users and groups on files 283 Chapter 3 NTFS Security Auditor 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 Shared Folder Selection 2 Power Expo
6. 342 Chapter 4 NTFS Security Manager How to remove all the existing explicit accounts and replace with the new accounts The Grant Permissions feature allows you to remove all existing accounts that have explicitly assigned permissions for shares and replace them with the selected accounts and permissions Note that this will not remove inherited permissions from parent folder 2p Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e In step 4 select the option Remove all existing accounts and replace with the selected accounts and permissions Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected pennissions to the existing permissions list f the selected account already exists in the pennissions list Remove all existing accounts and replace with the selected accounts and pemissions d E Replace all child object existing permissions with inhentable permissions from this object Ci C Inheritance Rule Back Next Cancel e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares 343 Chapter 4 NTFS Security Manager How to replace all explicit
7. 82 Chapter 3 NTFS Security Auditor View and Select Accounts Users Groups available trom computers displayed below Scan Profiles Computers c Si Sample Scans Domains S E PHOENIX Gal Domain Controllers S A RD 10 nf PHOENIX Administrator e Use the Find option to search desired user group accounts Click Next to proceed 83 Chapter 3 NTFS Security Auditor Step 3 Select shared folders Select one or more servers to retrieve available shares ee toe Irar ETE tT i ires F View and select Shares and Folders available from computers displayed below di Add Domains Fj Do not samep a Indud prta list of UNC default 84 Chapter 3 NTFS Security Auditor Built in Reports List of effective permissions for specific users and groups on files Step 30f3 Select Shared Folder s Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level WAD 10 NETLOGON True WRD 10 WWEW TEST FOLDER True WRD10 NEW TEST FOLDER SHARE True VRD 10 NTFSTESTFOLDER True Do not display files that
8. Allow Allow Allows Allow Allow Allow Allow Allow Allow Allow Allow Full Co Full Co Special Special Special Full Co Full Co Special Special Special Special Apply To This Folder only This Folder subfolders This Folder and subFold This Folder subfolders Subfolders and files only This Folder subfolders This Folder only SubFolders and Files only SubFolders and Files only This Folder only SubFolders and Files only Address BUILTIN Adminis MT AUTHOR Allow Special SubFolders and Files only How to view permissions of files in a share _ Files Click tab The Files and Permissions dialog appears oo e e E imi Shares and Resources Files RD45 A Refresh p Export F Filter GE Customize Folders and Permissions Fag Enterprise SHARES val Shares re All shares Select share s E ADChangeTracker Address Bharath Source Code Backup E Bulk export For patch I _ NETLOGON _ RD45 L0G Gill PATHFINDER RD45 RDS4 _ Resources _ Support Include sub folders 1 J Do not display Files that have the same permissions as the parent Folder cance You can view permissions of files in a share or for all the
9. Cancel Next Folder paths Import oe Remove Cancel e Use Select a Scan Profile Shares option to use the shares added in the profile 474 Chapter 4 NTFS Security Manager Apply Central Access Policy Wizard Step 1 of 4 Select Shared Folder s File s Enter the Full path of a shared Folder ifile Click Add From to load the list of shares Import to import a list of UNC Folder paths from a text File Scan Profiles Shares test shares iy a Folder Path Domain Name Add From WADA TFSSM Test folder VOYAGER WADA Test DAC VOYAGER Import w Remove _ Apply to all the sub folders Include files present inside folders Next Cancel e Apply to all the sub folders This option will apply central access policy on all sub folders of the selected folders as specified in this wizard e Include files present inside folders This option will apply central access policy on all files present in the selected folders as specified in this wizard Click Next to proceed to the next step Step 2 Select Central Access Policy 475 Chapter 4 NTFS Security Manager Apply Central Access Policy Wizard Step 2 of 4 Select Central Access Policy Select a Central Access Policy to apply to the sharetsi Folder si Click Change to view available Central 4ccess Policies that can be applied to the selected objects Central Access Policy No Central Access Policy Change oe The following Central Access Rules apply Appl
10. Security Write extended attributes Write attributes Create Folders append data Create Files write data Delete subfolders and files Delete Full contral write extended attributes Write attributes Create Folders append data Create files write data Delete subfolders and files Full contral Delete Create folders append data P Delete 112 Chapter 3 NTFS Security Auditor How to view Central Access Policies and policy permissions List of Central Access Policies CAP and Central Access Rules on the Domain DAC Reports Click on button The DAC Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time DAC Reports Step 1of3 Select Report Select a report from the available DAC Reports Description g E DAC Reports Select a report from the Hi Effective DAC permissions for specific users and groups on folders available DAC Reports sete Effective DAC permissions for Accounts having permissions on specific folders see List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies 113 Chapter 3 NTFS Security Auditor DAC Reports List of Central Access Policies CAP and Central Access Rules on the Domai
11. Shares Folders and Files Click on button to view information available under each tab as listed below Click i Siac tab to view the following information Share Name Path User Name Security Maximum Comment iaj shares and Resources Shares RO45 Q Refresh Export Filter HE Customize Scan Profiles Computers ay E mail Find E F Enterprise SHARES h Shares fe Folders li _ Files Maximum e Comment Access to address Share Mame User Mame Security cs DISCOVERY m PATHFINCER Unlimited AD ChangeTracker Fi Bharatha DChani 240E Allow Full Control C Program Files Ex Everyone Allow Read Unlimited BUILTIN Admini PATHFINDERIR Allow Full Control Unlimited Access to address Allow Full Control Unlimited Access to address ADMIN CAWINDOWS Admin Share Uniliraited Remote Admin Bharath Source Cod F BharathBharath PATHFINDER Bulk export For patel F Bulk export For pi Everyone G Gi NETLOGON CA wINDO wS SYS BUILTIN Admini Allow Full Control Unlimited Allow Read Unlimited Everyone Allow Read Unlimited Allow Full Control Unlimited Logon server share PATHFINDERIC PATHFINDERAD Everyone Allow Full Control Allow Full Contral Allow Read Unlimited Unlimited Unlimited Logon serwer share Logon server share Logon server share 93 Ch
12. BUILTIN Administ BUILTIN Administr Group Allow Full Control Subfolders andfiles only Traverse Folder Exe This folder only BUILTIN Server Op Group Allow Read and Execute Li Subfolders andfiles only This folder only CREATOR OWNER Well Known Sid Allow Full Control Subfolders andfiles only NT AUTHORITY AU Well Known Sid Allow Read and Execute Li Subfolders andfiles only This folder only NT AUTHORITY SY3 Well Known Sid Allow Full Control Subfolders andfiles only This folder only PHOENTX Administ User Active Allo Modify This folder subfolders a PHOENTX adminus User Active Allow Modify This folder subfolders a PHOEN Wadminusi User Active Alli Modify This folder subfolders a PHOENIX sam User Expired D All Modify This folder subfolders a PHOENTX testgrou User Expired Alli Modify This folder subfoldersa WRDLO NEW TEST NEW TEST F Folder PHOEND adminus PHOEN DWA Administ User Active Allo Full Control This folder subfolders a PHOENTX adminuss User Active Allov Modify This folder subfolders a I I 193 Chapter 3 NTFS Security Auditor List of permissions for orphaned accounts on folders This report allows you to view the permissions for orphaned accounts on folders Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of permissions f
13. d VRD 10 C Folder Path C RD10 NETLOGON WRD10 NEW TEST FOLDER SHARE C VRDI0NTFSTESTFOLDER LJ WRD10 8YSVOL WWRD 10 TestShareFolder LI VWAD10 Users H E RESEARCHLAE H F SPACENET Z Apply to sub E Include files p Use Select a Scan Profile Shares option to use the Shares added in the profile 465 Chapter 4 NTFS Security Manager Copy Account Permissions Wizard Step 1 of 3 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Click Set Search Pattern to set the search criteria for sub folder s Set Subfolder Levels to set the levels for sub folder s Shared folder file UNC Path Add oe Scan Profile Shares Replace ka o Folder Path Vd 10 NEW TEST FOLDER d10 NEW TEST FOLDER SHARE Remove E Apply to subfolders E Include files present inside folders You may also type the UNC path of a folder that is not in the list such as a folder that is shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button Apply to sub folders This option will copy an account permissions on sub folders of the selected folders Include files present inside folders This option will copy an account p
14. we WANES 432 Chapter 4 NTFS Security Manager How to modify an account Basic permissions The Modify Permissions allows you to modify an account s Basic permissions Y Modify Permissions Click on button The Modify Permissions window will be displayed Step 1 Select folder file path e Follow the list of options to enumerate the shared folders files as outlined in How to enumerate shared folders files Step 2 Select an Account Select an account in the Basic permissions to modify its permissions Permissions Modifier Grant permissions Accounts Basic Permissions Permissions g Add Domains Refresh ADVENTURE alec Full Control No Share Profile found Configure DVENTURE Martin Modify Domains ADVENTURE alex Read and Execute List folder c Qa ADVENTURE ADVENTURE Robin Read iB Domain Controllers ADVENTURE Richard White eee apes BUILTIN Administrators Special permissions ES WRD49 2 NT AUTHORITA SYSTEM Ee WRD49 22 Rep fed WRD49 Address Accounts Advanced Permissions EF WAD49 admin folder AccountName ACEType Inherited EE WRD4S ADMINS ADVENTURE alec Allow No fal WRD49 basic per ADVENTURE Martin Allow No Es WAD49 Bulk Test folder ADVENTURE alex Allow No eal WAD49 Bulk test folder ADVENTURE Robin Allow No Es WRD49 BulkTestwWithOu ADVENTURE Richard Allow Eg WRD49 CS BUILTIN Administrators Allow ES WRDS9 DS NT AUTHORITASYST Allow fat WRD4SNE
15. 18 Chapter 2 Configuration Settings Edit a domain To Edit a domain in the Domain Credentials follow the steps given below 1 Launch Domain Credentials window 2 In the Domain Credentials window select any row domain Click Edit button to Edit an existing domain in the list as shown below rom a different forest and then supply necessary credentials for the selected domain Voyager local voyager adminuser3 Connected Show at startup 3 The domain name cannot be modified during the edit operation 4 Specify user name and the corresponding password to connect to the specified domain 5 Click OK to save and connect to the domain with the newly provided connection parameters and update the domain in the Domain Credentials list 6 NTFS Security Management Suite 2014 will connect to the domain with the newly provided connection parameters and modify it in the list upon successful connection to the domain 19 Chapter 2 Configuration Settings Es BP Edit i Lael pma oos oera aiias Ceea Voyager Voyager local voyager adminuser 7 Click Cancel to retain the existing connection parameters of the domain in the Domain Credentials list 20 Chapter 2 Configuration Settings Delete a domain Perform the following steps to delete a domain 1 Launch Domain Credentials window 2 In the Domain Credentials window select any row domain click Delete button to delete the for
16. All selected reports will be exported to a time stan task name folder Export Export Path C Users Public Documents NTFS Security Manageme E E mail Note This evaluation version exports e mails only the first 10 records Change the Export or E mail settings as necessary Use Browse button to change the export path 3 Click Next to proceed to the next step Click Additional E mail Settings button to specify optional e mail settings as shown below 333 Chapter 4 NTFS Security Manager You can customize the SMTP Server From and oe address Subject and body of the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 334 Chapter 4 NTFS Security Manager Step 5 Schedule Settings A Power Export Built in Reports Step 5 of 6 Schedule Settings Enter a unique task name and specify ts schedule settings Task Mame Builtin Report Task Specify an account that has sufficient privileges to retrieve report information From the selected Domains Servers Run 4s PATHFINDER adminuser Set Password ak Schedule Task Daily start time Wel 25 PM Advanced Schedule Task Daily Every sak mews ose Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required C
17. Allow Create Files AppendData False This folder subfolders and files DISCOVERY test Allow Modify False This folder subfolders and files E DISCOVERY test4 Allow Modify False This folder subfolders and files BUILTIN dministrat Allow FullControl True This folder subfolders and files DISCOVERY admin Allow Read ndExecute True This folder subfolders and files CREATOR OWNER Allow FullControl True Subfolders and files onhy NT AUTHORITY S Allow FullControl True This folder subfolders and files BUILTIN Users Allow Create Files True This folder and subfolders BUILTIN Users Allow Append Data True This folder and subfolders BUILTIN Users Allow Read ndExecute True This folder subfolders and files Click Next to proceed to the next step Step 4 Apply the required rules to be used while copying permissions Select which rules to apply while copying permissions 455 Chapter 4 NTFS Security Manager Copy Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s file s permission list Assignment Rule Copy the selected permissions to the existing permissions list f the selected account already exists in the pennissions list Add the new pennissions to the account s existing pennissions ri 0 Replace the account s existing permissions with the new pennissions oe E Also apply the above to subfolders an
18. Folder Path Sub Folders E Owner UserGroup Name E Account Type Type Inherited amp Explicit Effective Permissions 9 Select the customize options as required and click OK 10 You can select Exclude inherited permissions option to exclude inherited permissions from the report 11 Click Next to proceed to the Next step 258 Chapter 3 NTFS Security Auditor Step 3 Additional report settings pi Power Export Built in Reports Step 3 of 6 Additional report settings Select additional report settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail Highlight Errors Access is denied The specified network name is no longer available The specified path file name or both are too long Indude errors as part of the report E Highlight Items Permissions Accounts i F Blocked Inheritance F Full Control E Modify F Delete Indude group members Indude group membership Indude SID 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation optio
19. Full Control Subfolders andfiles only Traverse Folder E This folder only Chapter 3 NTFS Security Auditor List of all permissions for folders Inherited amp Explicit This report lists the permissions explicit and inherit assigned to the users for a set of folders Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of all permissions for folders Inherited amp Explicit Step 1of2 Select Report Select a report from the available Builtin Reports Description This report lists the permissions explicit and List of permissions for folders inherit assigned to the users for a set of folders fal a Permissions List of permissions for specific users and groups on folders E List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step Step 2
20. Revoke Permissions now or Schedule it to run later You may run this task now or schedule it for later Runnow Save As Template Run later eo PHOENIX adminuser4 Daily edi cance Click Next to proceed to the next step Step 6 Selection Summary This step displays the summary of data selected to Revoke permissions and you can also view and export the existing permissions before changes are applied by clicking on the Export current permissions button 391 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 5 of 5 Selection Summary Shows the details of all inputs provided in the wizard Click Export Current Permissions button to view and export the existing permissions Selected Revoke Mode Revoke the selected set of accounts and their permissions from the selected shared folder s filefs Apply to sub folders Revoke sub falders that start with 1 test Revoke sub folders that end with 1 share Apply only on 2nd level of sub folder s in the shared folder Selected shared folder s file s 1 WRDIO WEW TEST FOLDER 2 ARDLO WWNEW TEST FOLDER SHARE Accounts selection mode Selected accounts Accounts 1 phoenix sam Export Curent Permissions Click Finish to complete the Revoke Permissions wizard Permissions will be revoked as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the
21. Select shared folders Select one or more servers to retrieve available shares 59 Chapter 3 NTFS Security Auditor Step 2of2 Select servel Select 5 Enter the tull path of a Share folder paths from a text file properties for scanning each KERT Scan Profiles Computers Sample Scans E Do not display folders that same permissions as the p 60 Chapter 3 NTFS Security Auditor Built in Reports List of all permissions for folders Inherited amp Explicit Step 2o0f 2 Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares a Profile i Folder Path Indude sub folders Folder level WRD10 NETLOGON True All YRD10 NEW TEST FOLDER True All YRD10 NEW TEST FOLDER SHARE True All Do not display folders that have the een eee El same permissions as the parent folder Ll eee E Op You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button
22. Testgoupes Permissions Full Control Modify Read and Execute List folder cont PHOENIX Sau Read NT AUTHORITY SYSTEM Write BUILTIN Administrators RUH TISI leere Aocounts Advanced Permissions Account Name ACEType Inhertec PHOENIX adminuser2 PHOENIX adminuser Scan Profiles Shares H A test folder O A oOo A Special pemissions a PHOENIX i m Domain Controllers M RD10 fa WRD1OVADMINS H E WADIO CS J E WRD10 NETLOGON J B WRDIOWEW TEST PHOENIX Test group E WRDIO WWEW TEST Fj PHOENIX Testgoupes EE WRD10Ntfe test fof PHOENIX Saru NT AUTHORITY SYS BUILTIN Administrators BUILTIN Users Yes EE WAD1 O NTFSTESTF ES WRDIOSYSVOL E8 WRD10Test folder E8 WRDAO TestShareF H E WAD10Wsers A RESEARCHLAB co SPACENET 4 mn Curent owner PHOENIX adminuserd Allow Inherited permissions from the parent to propagate to this object 425 Chapter 4 NTFS Security Manager How to remove the selected account from the shared folder file permissions list The Modify Permissions feature allows you to remove the selected account and its permissions from folder file permissions list Y Modify Permissions Click on button The Modify Permissions window will be displayed Step 1 Select folder file path e Follow the list of options to enumerate the shared folders files as outlined in share htm How to enumerate shared folders files Step 2
23. Website hitp Awww vyapin com Sales Contact sales vyapin com Technical Support support vyapin com GENERALANFORMATION scctinivsntuyiuecusiepasennuay teas aaeueiestonyaaeca E tunes 1 About NTFS Security Management Suite 2014 ssesesesessesesecececscsesesececscsesesececscsesecsececscsesesecececsesesecececsesesececeseese 2 System REGUIMEINIGINES i oea eae AEA 4 How TO purchase l aenicronaa a A TE R 5 HOW tO activate the SoftWare sipiin onpa e a a aaa anaa a Oa aaa a aa aaa 6 TECNNICALSUPPOr aaa a A a 8 CONFIGURATION SE ITINGS nesiseka A 9 Datapase SEttINES yiosi O a a a mre reer err mrcrnrr rrr ire rrrr rrr yee 10 Configure Computer Enumeration srna a Sacer aaa ak eRe eee e eA eee 13 Configuring Domain CreGemtlalS xcescie ces ccs ie eco pete lesan ie lact sate veseeceu car eeetecato pase lec aee ve E 14 Adda d ma oasia a a viaa is a aan ase eas a Geese Gans 17 Edita domain soniai nocd tacoma cucanecncc ems oasidersncds ca romncueaee ance parsons aconsecahae tema cumane a a a 19 D lete a COMMA 8 avs sawcetcsesienda dene a ade dawese Seabees stsaneepaaetvad lt dasevacteabeeivusarenebanests 21 Add domains THOM forest sssrinin a aa aa a a a aA A ap Eaa cas aneseswestase cop Eana EA SERN Aaa AEEA NEN 23 Conheure SMTP SOLVER onran a A A 26 User Connection Profiles irsini a aa a a a a a E a aE a 27 Module LiStihg sses ioei a a a a rrr mrrr rrr Terr ern MeCrrerrnrrT rer rryT Terr yee 30 NTS SECURE AUDI OI sexier vicasiae creat r E A 31 BUN
24. _ testfolder1 BUILTIN Administrators Allow _ testfolder2 NT AUTHORITY SYS Allow H E testfolder CREATOR OWNER Allow Domains BUILTIN sers Allow Gil DISCOVERY Poi Current owner BUILTIN Administrators 2 a RESEARCHLAB P 3 Allow Inherited pennissions from the parent A ofl TREE AF ___ on to propagate to this object Select Domains and follow the steps below e Select one or more servers to enumerate its shared folder file path e Select a shared folder file path 126 Chapter 3 NTFS Security Auditor g Add Domain 5 a Refresh Ga DISCOVERY i Domain Controllers a8 RD4S fee WRD46 nokia EE WRAD4E ARKAD Scr E WRD46 test group fae WRD46 inew WAD46 Effective d6 B MMV share Eg WRD46 Example ES WRD46 Resources EE WRAD4S Exchanged i WANE Permiesinns j BUILTIN S Administrators DISCOVERY Domain Admins DISCOVERYIUSR_RD46 DISCOVERY MailUser DISCOVER adminuser DISCOVERY abraham DISCOVERY test DISCOVERY Enterprise Admins Permissions Read and Execute List folder cont Read Write EEROR Special permissions Account Name ACEType Inherited BUILTIN Administrators DISCOVERY Domain DISCOVERY Enterpris DISCOVERYMUSR R DISCOVERY MailUser1 DISCOVER adminuser DISCOVERY abraham DISCOVERY test BUILTIN Administrators Allow Allow Allow Allow Allow Allow Allow Allow Allow No see 5 5 5 F Cu
25. button to select a file that contains the list of computers to be imported In the Select File dialog that shows up select a text txt file and then click Open Click Import button to import the list of computers from the selected file The text file should contain computer names in the format Domain Name Computer Name both Domain and Computer name should be a NETBIOS name with each entry in a separate line as shown below sample Computer List pathfinder rd4s Only valid entries of the form Domain Name Computer Name will be imported and invalid entries will be ignored Please note that the domain specified will be matched with the domain name to which the computer belongs The computer entry will be ignored either if the domain name does not match or an if error occurs retrieving the domain name To view the list of entries imported click Verify Imported List button The list of computer names imported will be displayed as shown below 533 Chapter 6 Scan Profiles Manager Entries Imported This window shows the list of entries imported Domain Mame PATHFINDER 40VENTURE 40VENTURE o Changes to the external text file will not automatically be reflected in the Scan Profile You need to edit the Scan Profile and re import the updated computer list from the file D Importing list of IP addresses from a text file scan Profile Computers You can specify a computer list by using either the Import opt
26. phoenix sami phoenix test group Back Next Cancel Click Next to proceed to the next step Step 4 Select Access Control type and permissions You may select one of the options below e All existing permissions This option will remove all existing permissions with accounts from the selected shared folder s file s permissions list Example If the Account has many permissions like Allow type Read Write Take ownership and Deny type Modify selecting this option will remove all the Allow and Deny permissions e Selected permissions This option will remove only the selected permissions from the selected shared folder s file s permissions list Example If the Account has the permissions Allow Read and Write and if Allow Read permission has been selected to revoke permissions then this option will remove only Allow Read permissions from the permissions list and the remaining Write permissions will exist in the permissions list e Revoke only if there is an exact match This option will remove the accounts permissions only when the selected permissions match exactly with an accounts existing permissions Example If a share has some accounts with permission as Allow Read and some accounts with permission as Allow Read and Execute selecting the Allow Read permissions to revoke will remove only the accounts that exactly has Allow Read permission 386 Chapter 4 NTFS Security Manager MeEwOURE f EMSs mOi Yy fara Ste
27. 2 Select the desired report Only one report may be selected to run in a single task 264 Chapter 3 NTFS Security Auditor 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 User and or Group Selection F bra Ternar Cerna Brolt_in Darrere e FOWEDr CXPOITL GUIIT IM REPOS Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of permissions for specific users and groups on files Account name o Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt ae Selected Accounts 265 Chapter 3 NTFS Security Auditor SK Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of permissions for specific users and groups on files Account name ay Add to list oo Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt Mo Profile found gt a o Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Guests Local Group BUILTIN WIS TUSRS Local Group BUILTIN Network Configuration Operators Local Group BUILT
28. 3 NTFS Security Auditor View and Select Accounts UsersGroups available from computers displayed below da Add Domains Scan Profiles Computers c im Sample Scans Domains Gai Domain Controllers RD 10 e Use the Find option to search desired user group accounts Click Next to proceed Step 3 Select shared folders Select one or more servers to retrieve available shares 49 Chapter 3 NTFS Security Auditor on JHC TTL i epo ILs 5 Step 3of3 Select Shared Enter the tull path of a Shard folder paths from a text file properties for scanning ead E Do not display files that h same permissions as the p Indude group members in _ Indude group membership 50 Chapter 3 NTFS Security Auditor Built in Reports List of permissions for specific users and groups on files Step 30f3 Select Shared Folder s Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Seleci a Profile 0 Folder Path Indude sub folders Folder level RD10 NETLOGON True All YRD10NEW TEST FOLDER True All YRD10 WEW TEST FOLDER SHARE True YRD10NTFSTESTFOLDER True All FI Do not display files that have the
29. 54 Sample task for Revoke CAP RevokelaP Open Delete View Details Close The saved templates window allows you to perform the following operations e Open an existing template e Delete a template e Preview the contents of a template Open an existing Template 1 To open an existing Revoke CAP template select the Revoke CAP template and click Open button in the window The Revoke CAP Dialog will appear on the screen which will allow you to edit the selected template 493 Chapter 4 NTFS Security Manager 2 During edit operation you can modify the computer list and central access policy entries however you cannot modify the name of the template Delete a template To delete a Revoke CAP template select a Revoke CAP template which you want to delete and then click Delete button The selected template will be deleted permanently Preview the settings of a Template To preview the settings of a saved Template select a saved Revoke CAP template and then click View Details button The settings will be displayed in a window as shown below Saved Templates template Click Delete to delete any selected template and Click View Details to view the Select any template from the list of saved templates to proceed Click Edit to modify the selected j contents of selected template PR Template Name Description Template Type 3 Apply CAP Sample ApplylAP Sample task for Revoke CAP RevokeLAF summary Temp
30. ADVENTURE Martin ADVENTURE alex 3 4 ADVENTURE ADVENTURE Robin fay Domain Controllers ADVENTURE Richard 5 Roag BUILTIN Administrators EE wanes NT AUTHORITY SYSTEM wore fe WRD49 Address Accounts Advanced Permissions fad WRD4S admin folder AccountName ACEType Inherited EE WRD4S ADMINS ADVENTURE alec Al E8 WRD49 basic per ADVENTURE Martin Al E8 WRD49 Bulk Test folder ADVENTURE alex Al jae WRD49 Bulk test folderi ADVENTURE Robin All Al Al Al Al E8 WRD49 BulkTestwWithOu ADVENTURE Richard EF WRD4SICS BUILTIN Administrators fat WRD49 DS NT AUTHORITYSSYST jae WRD4SKES ADVENTURE adminuser Eg WRD4S ETf supp folder fad WRD49 ExchangeOAB S es Allow Inherited pemissions from the parent an E F i fd WRDOVFS to propagate to this object Yes Current owner BUILTIN Administrators Apply onto Select Applyonto option a Apply these permissions to objects andor containers within this container only Re Wands FJ 429 Chapter 4 NTFS Security Manager How to block inheritance from the parent to the current folder file permissions The Permissions Modifier allows you to block inherited permissions from the parent to the current folder file permissions Modify Permissions Click on button The Modify Permissions window will be displayed Step 1 Select folder file path e Follow the list of options to enumerate the shared folders files as outlined
31. Add Servers button to select the servers for which you wish to run the server reports selected in Step 1 This will display a window where you can select the servers you want to add Selecting a domain will add all the servers in that domain to the report 234 Chapter 3 NTFS Security Auditor Select Dormain s Server s Select one or more domains Click on the Apply to Reports button in order to apply the same list of domains for all the selected Reports To generate the report for all servers in a domain select the domain or select a set of servers to restrict the domain scan Or you may select a Scan Profile O Select Domain Server Add Domains Select Scan Profile ALL WINDOWS 8 MACHINES Md 2 You can restrict the domain scope and scan and collect data only for a specific set of computers by either selecting specific computers under a domain or by selecting a Scan Profile 3 Click OK to apply the selected servers or a Scan Profile to the current report or click Apply to Reports to apply the selection to the rest of the selected server reports The selected servers will be added to the wizard as shown below 235 Chapter 3 NTFS Security Auditor Step 2 of 5 Server Selection For each of the following reports select the list of servers for which you would like to generate the report Double click on a report or click Add Servers The report for each of the selected servers will be exported as a separate f
32. Allow No PHOENDX adm Ponne a S 1 5 21 2366372 Share folder Read and Execute Yes PHOEND4adm PHOENIX sar 1 5 21 2366372 WRD10 NEW TEST f Folder NEW TEST FOLO Read and Execute na Toa S1 5 21 2366372 Folder test Read and Execute Allow e_ ater oe 5 1 5 21 2366372 Yes PHOEND adn PHOENDM say 1 5 21 2366372 NEW TEST FOL Read and Execute Allow No PHOEND adm PHOENIX sat S 1 5 21 2366372 Share folder Read and Execute Allow ee 1 5 21 2366372 arn 5 1 5 21 235603 72 Nl Eee F 505 Chapter 6 Scan Profiles Manager How to manage Power Search to launch the saved search s window The windows shows the list of search s that were saved over the period of time Power search Reports This window shows the list of saved Power Search reports Select a saved search report from the list of saved searches to proceed Click Edit to edit the search settings Delete to delete the search Aun to generate the search report View Details to view the search settings SUMMA Search Hame Search Description Weer Sccess Check Users who can modify Ed Bun Delete view Details Close The saved search window allows you to perform the following operations e Run an existing search e Edit an existing search e Delete a search e Preview the settings of a search Run an existing search 1 To Run an existing search click Run button in the window The Power Search report window will app
33. Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 299 Chapter 4 NTFS Security Manager Step 6 Summary Step 60f6 Summary Click Finish to save the task details C Users Public Docume i l mie k e Cick here lo view f Security Management ACK Nee To View B G Jij te 2014 Export effective permissions for users and groups on folders 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 300 Chapter 4 NTFS Security Manager List of effective permission for users and groups on files This report lists effective permissions for users and groups assigned to files available in a set of folders E Built in Reports D Permissions a Shares Folders and Files wf Shares and Resources Select option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection ze Power Export Built in Reports Step 1of7 Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files E List of permissions for files E List of
34. Chapter 3 NTFS Security Auditor List of permissions for files This report allows you to view the associated file permissions under a specific set of folders i ee Le E Built in Reports ar es Shares Folders and Files a Shares and Resources Select option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection Power Export Built in Reports Step 1of7 Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files z List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files se E List of effective permissions for specific users and groups on folders E List of effective permissions for specific users and groups on files 274 Chapter 3 NTFS Security Auditor 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 Shared Folder Selection me Power Export Built in Reports Step 2
35. Chapter 4 NTFS Security Manager 1 Select the user or group for which you wish to replace the selected account in the folder file permissions list Permissions Modifier y Accounts Basic Permissions Permissions PHOENIX sam Full Control Select User Group Account s Select the user andor group accounts for which you would like to Replace the pennissions on Shares tolders Account name ea Add to list o Browse and Select O A OOO Accounts from domain server Accounts from Scan Profiles UsersGroups Select a Profile Selected Accounts Account Name Account Type phoenix adminuser2 Replace accounts on subfolders Set Search Pattem Set Folder Levels Include files present inside folders Rees Allow Inherited pemissions trom the parent Gp p ce RESEARCHLAB o propagate to this object fi SPACFNFT 4 nT e Replace accounts on sub folders This option will replace accounts on sub folders of the selected folder e Include files present inside folders This option will replace accounts on files present inside the selected folder e Use Set Search Pattern option to perform replace permissions for sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share 420 Chapter 4 NTFS Security Manager Enter search crtena for subfolders Folder Pat
36. Click Edit Folder Options to modify the default properties For scanning each Folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Include sub folders Folder level Add From Import e Inthis step the list of shares present in Scan Profile Shares will be loaded to the selected account list as shown below 568 Chapter 6 Scan Profiles Manager Built in Reports List of permissions for folders Step Zof Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC Folder paths From a text File Select a Folder in the list below and Click Edit Folder Options to modify the default properties For scanning each Folder Share Folder UNC Path Scan Profile Shares Frequent Scans Folder Path Include sub folders Folder level Add From WRD49 Address True All a WRD4S NTFS Bulk Share2 True All Import WRD4S NTFS BulkTest Share True All E WRADASATES Security Manager True All WAD4S Test share Folder True All Do not display folders that have the same permissions as the parent Folder Edit Folder Options Include group membership information E Include SID Back Finish Close e Inthe succeeding steps select needed details for generating reports for selected shares Scan Profiles Users Groups and Power Export Tool off line repo
37. Control List of the selected share s folder s files s 500 Chapter 4 NTFS Security Manager er et E T Se Step 2 of 4 Select Access Control Entry Type and Permissions Select ACE type and permissions to search in the Access Control List of the selected share s folders file s ACE Type Allow Deny Show both inherited and explicith assigned Show inherited ony Show explicit only Penissions Basic Permissions Special Permissions E Full Control mE Traverse Folder Execute File E Modify P List Folder Read Data Show exact match folders tiles that have exactly these pennissions Step 3 User and or Group Selection 1 Select the user or group for which you wish to run the search 2 The selected users will be added to the wizard as shown below 501 Chapter 4 NTFS Security Manager Step 3 of 4 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders Meee Jh Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile oe Selected Accounts Account Name Account Type e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile 502 Chapter 4 NTFS Security Manager Step 3 of 4 Select
38. Create Folders Append Data E8 WRD49 Bulk Test folder NS are Allow No Write Attributes Eg WRD49 Bulk test folder ADVENTURE Robin Allow No Write Extended Attributes PE WRD49 BulkTestwithOu ADVENTURE Richard Allow No Delete Subtolders and Files EE WRD4S C5 BUILTIN Administrators Allow Yes Delete Es WAD4S DS NT AUTHORITASYST Allow Yes Read Pemissions am WRD4SVES ADVENTURE adminuser Allow Yes Change Permissions fea WRD4S E Tf supp folder foe WRD49 ExchangeOAB Sais Allow Inherited pennissions from the parent fad WRDSSIFS to propagate to this abject o EN H E angen EER RBEREEASBSESS ABBA HERE EEEEERBEAREA oono AgM Curent owner BUILTIN Administrators diis ee Apply these permissions to objects andor containers within this container only 436 Chapter 4 NTFS Security Manager e Check the permissions you want to add and uncheck the permissions you want to remove from the account s advanced permissions e Click the button Apply to update the advanced permissions for the selected account e Youcan also modify the propagation level to all it s subfolders and files by using the option Apply onto Caution If all the permissions are unchecked the account will be completely removed from the ACE list Permissions Modifier Grant permissions g Add Domain seasea lt No Share Profile found Configure Domains 5 a Refresh Gil ADVEN
39. Description This report lists the permissions for folders with Security Vulnerabilities List of all explicit permissions for folders List of folders with broken inheritance and their permissions broken inheritance List of permissions for orphaned accounts on folders List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders E List of folders that have permissions for Everyone group Step 2 Select shared folders Select one or more servers to retrieve available shares 190 Chapter 3 NTFS Security Auditor C SECUTITY VUINETEe SITIES LISE O Step 2 of 2 5 Select Shares Enter the full p folder paths fry View and sele Scan Profiles Computers i i Domain Controllers oro A WRD10 aDMINg RD 10 cs The application displays all computers that are currently active in your network using the browser service lf some computers are missing your brov ser service may not be functioning properly Aternatively you may use the Active L_ Indude G Directory services for computer enumeration 4NOUGE trol 191 Chapter 3
40. Enterprise Admins Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admin Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins CN adminuser2 User Active Allow Subfolders andfile Inherited from BUILTIN Administrators gt PHOENX Enterprise Admins Traverse Folder 5 No This folderonly Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins CN adminuser3 User Active Allow Full Control No Subfolders andfile Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins Traverse Folder 5 No This folderonly Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins CN adminuser4 User Active Allow Full Control No Subfolders andfile Inherited from BUILTIN Administrators gt PHOENTX Enterprise Admins Traverse Folder 5 No This folderonly Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins CN adminuserS User Active Allow Subfolders andfile Inherited from BUILTIN Administrators gt PHOENTX Enterprise Admins 63 Chapter 3 NTFS Security Auditor List of effective permission for users and groups on folders This report lists the effective permissions for users and groups assigned to set of folders Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select
41. Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares a Profile oe Folder Path Indude sub folders Folder level WRD10 NEW TEST FOLDER SHARE True WRD 10 NTFSTESTFOLDER True WRDO SYSVOL True YRD 10 TestShareFalder True Go not display folders that have the F Exclude Accounts Edit Folder Options same permissions as the parent folder a You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default If you want to exclude specific acc
42. Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default If you want to exclude specific accounts from reporting select Exclude Accounts option Click Accounts button to launch Exclude Accounts window as shown below 61 Chapter 3 NTFS Security Auditor Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITYSYSTEM E BUILTIN Users Select the accounts for which you want to exclude and click OK You can use Customize option to exclude some of the fields from the report as displayed below E Full Path Folder Path Sub Folders E Owner User Group Name F Account Type Type Inherited amp Explicit Effective Permissions NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Ed
43. For more information on Scan Profiles click About Scan Profiles Users Groups Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 210 Chapter 3 NTFS Security Auditor ees View and Select Accounts Users Groups available trom computers displayed below Scan Profiles Computers c ia Sample Scans i i Domain Controllers PHOENIX Administrator PHOENIX Guest Use the Find option to search desired user group accounts Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below 211 Chapter 3 NTFS Security Auditor Q Refresh 3 Export Sy E mail Report Details Report Name List of folders that have Deny permissions set both Explicit and Inherited Generated On 11 4 2014 5 37 30 PM Status Success Access Account Type Type Inherte Security Apply To RD10 Test folder pe Testfolderpermiss Folder PHOENIX adminus a PHOENDX adminus User Active Deny No PHOENIX adminus User Active Traverse Sacer E This folder subfolders and files List Folder Read Read Attributes Create Folders A Write Attributes Write Extended A Delete Read Permissions LEE Traverse Folder E List Folder Read Read Attributes Create Folders A Write Attributes Write Extended Att Delete Read Permissions il lil ls il O i o ae Traverse Folder List Fol
44. Groups option to use the users and groups added in the profile LS F i d ETI TIES D 1 M A L Y Step 3 of 4 Select User Group Accounts Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders Specific Account Types User C Group Specific Accounts Account name Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups eo Selected Accounts Reset phoenix adminuser2 phoenix sam phoenix saru e Click Next to proceed to the Next step 146 Chapter 3 NTFS Security Auditor Step 4 Save Search Enter a name and description for search Step 4 of 4 Save Search Enter a name and description for the search Search Name Users who can Modify Search Description Click Finish to generate the power search report 147 Chapter 3 NTFS Security Auditor After the data collection process is complete the report would be generated in a report window as shown below A esh W Refr Export a E mail search Details Search Name UserAccess Check Generated on 02 Jul 2014 07 13 40 PM Folder File Path Type Name WRD10 NEW TEST f Folder OLE Share folder Folder test NEW TEST FOLD Share folder l FolderiFile Object Folder test NEW TEST FOLD Permissions Read and Execute Read and Execute Read and Execute Read a
45. IN RODOITS wacscsactaccaccceatcccccbecctawsnntanavstaritecdeateaieetaecsacseatacsustae teens esd inane bareaataateasecbacseeateatoninstasitaniaadiaeuadadeeass ease 32 ADOUE BUTI REDOUES cs ius oc nctersenneeseacssdunmaarseuneaonecten E EEE EE 33 How to view Built in Permissions Reports ccccccssssccceseccccsnecccsensceceuseccsesccesaueeeseaecesseuscesseueeesaasessauseessaneeesaes 34 How to view Built in Reports for Shares and Resources csssscccccssssccccceesecccecaeseccessausececesaeeeceessagaeecessaaneeeessaees 88 Shares Folders and FIS sanana cone acotaneneicnauawa Gauai esti sucua cares eh owaol cue secede aeuteleuwacelaneveteneneceteleeness 92 How to view Shares Folders and Files information ccccccccecccecccsecccecccscceeceuececseeeecseeuseuseeuseseuuceuseeueeseeeeuneeuees 93 DAG REDONIS acco ccecateracccrecncua acon es cvatonesececoseucreueusuacecauansuewn A reuelaneceucnatecaswuevepavoneuacateleucramecanesereusnserees 97 ADOUCDAC REDO oaa N a N let edasaeet 98 How to view the effective DAC permissions for the specified accounts cccsssseccccceeseecceceeeccecseeeeeeesaneeeeessuees 99 How to view the effective DAC permissions for Accounts having permissions on specific folders 008 107 How to view Central Access Policies and policy permissions cccccsssscccsecccceesecceeeeecssuecesseuecessaeseessaeeessaeeess 113 How to check the shared folders and subfolders affected by DAC
46. J Aer OE SYY L Step 2 of 4 Select Access Control Entry Type and Permissions Select ACE type and permissions to search in the Access Control List of the selected share s folder s fleis ACE Type Allow Deny Show both inherted and explicit assigned Show inherted ony Show explicit only Permissions 6 Basic Permissions Special Permissions E Full Control vel Traverse Folder Execute File E Modify PM List Folder Read Data W Read and Execute List Folder Contents E Read Attributes Read Write and Execute Read Extended Attributes Create Files Write Data Create Folders Append Data Show exact match folders tiles that have exactly these pennissions 144 Chapter 3 NTFS Security Auditor Step 3 User and or Group Selection Specific Account Types Select user and or group for which you wish to run the search Specific Accounts Select user and or group accounts for which you would like to view the permissions for files folders Power Search Wizard Permissions DACL Step 3 of 4 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders A Specific Account Types Specific Accounts Select a Profile Account Name Account Type 145 Chapter 3 NTFS Security Auditor e Use Select a Scan Profile Users
47. Management Suite 2014 worker files completely the uninstall wizard provides a set of cleanup options to perform the cleanup operation based upon your selection Use this wizard to cleanup the files that are created by NTFS Security Management Suite 2014 application selectively and uninstall NTFS Security Management Suite 2014 completely from the machine 1 Launch the uninstall wizard by clicking Start gt Programs gt NTFS Security Management Suite 2014 gt NTFS Security Management Suite 2014 Uninstall Wizard The NTFS Security Management Suite 2014 Uninstall Wizard dialog will be shown as below NTFS Security Management Suite 2014 Uninstall Wizard Welcome to NTFS Security Management Suite 2014 Uninstall Wizard This wizard helps you to deanup and uninstall NTFS Security Management Suite 2014 completely This wizard will guide you through the steps to deanup the files that are created by NTFS Security Management Suite 2014 application Using this wizard you can Cleanup scheduled tasks Cleanup NTFS Security Management Suite 2014 application settings Cleanup log files Cleanup Scan Profiles created by NTFS Security Management Suite 2014 Scan Profile Manager Uninstall NTFS Security Management Suite 2014 application Click Next to proceed 577 Chapter 6 Scan Profiles Manager 2 Select required cleanup options as shown below NTFS Security Management Suite 2014 Uninstall Wizard Step 1 of 2 Cleanup Opti
48. NTFS Security Auditor Security Vulnerabilities List of folders with broken inheritance and their permissions 3 Step 20f2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC A folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the FEE default properties for scanning each folder Share Folder UNC Path os 0 Folder Path YRD 10 NETLOGON RD10 Ntfs test folder permissions Indude files present inside folders Set sub folder levels Indude Group members You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report You can select Include Group members option to include all the members of a group and their sub group members at all group levels in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Cral Folder Levels Include upto 3 rd level of sub folder s in the shared folder gt Include onbe 1 St level of sub fal
49. SMTP Server name From Address To address Subject Body of the e mail message attachment format and option to attach the report as zip file format SMTP Server dc0i From Erings researchlab com AmyRecker researchlab com Subject List of permissions for folders Attachment Format V Compress the attachment For e mailing reports NTFS Security Management Suite requires SMTP Server From E mail Address To E mail Addresses recipients separated by semicolon and the report attachment format Specify SMTP server name from Address To address mail subject mail content attachment format and option to compress the attachment button to send the report by e mail to the selected recipients 523 Chapter 6 Scan Profiles Manager Check names NTFS Security Management Suite provides check name feature to check the existence of corresponding amp mail enabled recipient object in Active Directory To check name click Check button If the entered name matches with a mail object in the Active directory its trusted domain name entered in From address textbox will be replaced by the corresponding active directory recipient object If there is more than one match a dialog which contains matching Active Directory recipients will appear as shown below You can select one or more recipient and click OK E Check Nome NTFS Securty Management Suite 2014 found more than one ad Do you want to Delete this recipien
50. Select an account and Click Remove e Select an account from the Basic or Advanced permissions Account list e Click Remove Permissions Modifier Grant permissions Accounts Basic Permissions Permissions Add Domains Refresh ADVENTURE alec Full Control o lt No Share Profile found Configure ADVENTURE michael Modify Domains ADVENTURE Martin Read and Execute List folder c d ADVENTURE ADVENTURE alex Read d Domain Controllers ADVENTURE Robin Write o m RD49 ADVENTURE Richard Special permissions a a WADA _ BUILTIN Administrators fae WADS9 Address H E WRD4Sadmin fof H E WRD49 VADMINS b Are you sure want to remove the Account ADVENTURE michael from P the RD49 admin folder s permissions list 7 E WRD49 Bulk test fag WAD49 BulkTest BE WRD4SICS fad WRD4S DS BL Administr J E WRDASIES NTAUTHORITY SYST Allow Yes Ae WRD4S ETT supp folder fed WAD49 ExchangeOAB Allow Inherited permissions from the parent fad WRDABSIFS to propagate to this abject PoP Po Po BLEI wonasies eu Curent owner BUILTIN Administrators 426 Chapter 4 NTFS Security Manager e Click Yes to remove the selected Account e The updated permissions list will be displayed as shown below Accounts Basic Permissions E Add Domains Y Refresh ADVENTURE alec 7 lt No Share Profile found Configure ADVENTURE Martin ADVENTURE alex jolly ADVENTURE ADVENTURE Robin z SE Domain C
51. Select shared folders Select one or more servers to retrieve available shares 213 Chapter 3 NTFS Security Auditor Te Yulpera ti Step 20f2 57 Enter the tull p Boae folder paths fi view and sel prs ines jew Share Folder UI Scan Profile 3 S E Domain Controllers Hro VRDmAmMNg WADIo WSs l The application displays all computers that are currently active in your network _ Indude files using the browser service If some computers are missing your browser service may not be functioning properly Sternatively you may use the Active Directory services for computer enumeration close 214 Chapter 3 NTFS Security Auditor Security Vulnerabilities List of user accounts that have indirect access to folders due to nested group membership Step 20f2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC j a folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the FEE default properties for scanning each folder Share Folder UNC Path EEUU E aN 25 6 Folder Path YRD 10 NETLOGON WAD10 Ntfs test folder permissions YRD 10 WWTFSTESTFOLDER 4 Indude files present inside folders Set sub folder levels You may also enter the UNC path of a folder that is not in the list such as
52. Step 1 Select shared folder s file s Select shared folder s files by using any of the input options displayed Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the Full path of a shared Folder jfile Click 4dd Fram to load the list of shares Import to import a list of UNC Folder paths from a text File Share Folder UNC Path oe Scan Profile Shares _ Select a Profile Add From Folder Path Import oe Cancel e f you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 347 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 1 of 6 Select Sb Enter the Full path select Shares From a text File view and select Shares and Folders available From computers displayed below Share Folder UNC F i ADVENTURE Scan Profile Share i Domain Controllers o D RD49 Folder Path 3 3 NRD49 Address Add From _ s WRD49aDMIN m E WRO4S adminuser Folder WRO49 basic per LJ WRD491Bulk Test Folder WRD49 Bulk best Folder 1 E WROD BulkTestwithoutSameasparent LJ WRD LJ Wrpssips Weo4sies Cancel Cancel e Use Select a Scan Profile Shares option to use the shares added in the profile 348 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the F
53. Step 2 Select Domain s Server s Select the server s Domain s for which the report needs to be generated The default option selected is All Domains for all the reports Built in Reports List of Shares with permissions Step 2Zof3 Select Domain s Server s You can either generate the report across domains by selecting All Domains or for a specific domain server by selecting the Select Domain Server option This report can also be generated specifically for a single server by selecting the Server option 6 All Domains Select Domain Server Sil CWRESEAR CHLAB ma Domain Controllers fw Ga RDO a m ServersAVorkstations H E VOYAGER c E VSSPRO Select Scan Profile Select a Profile Click Next to proceed to the next step 89 Chapter 3 NTFS Security Auditor Step 3 Select Report Criteria To view the part of the report that is of more significance change the report criteria settings Only the data that matches the specified criteria will be displayed in the generated report Built in Reports List of Shares with permissions Step 3of3 Select Report Criteria To view the park of the report that is of more significance change the report criteria settings Only the data that matches the specified criteria will be displayed in the generated report Share Type Folder Share El Admin Share Back Finish Close Click Finish to g
54. The Add to Filter will change to AND to Filter The OR to Filter button will be enabled The selected condition will be set as a filter and displayed as shown below 518 Chapter 6 Scan Profiles Manager a Filter Dormains Shares Field Operator Values Host Mame RD45 AND to Filter OR to Filter Host Mame RD45 5 Click OK to apply the filter Note e Use the CEHHHAND to Fiter and 1 to build enhanced filter condition as shown below e Field A Value 1 AND Field B Value 2 OR Field C Value 3 AND Field D Value 4 e Use F to remove the parenthesis e Use 2 to delete a selected condition The status bar s FILTERED indicator is used to indicate whether the current data is filtered or not For a normal view the status bar will appear as LY Fitered For a filtered view the status bar will appear as 519 Chapter 6 Scan Profiles Manager How to Refresh data Refresh the current report data to view the latest information from the Domain Controller Click on ees button in the toolbar available in the report window or press F5 to refresh report data Alternatively you can right click on the grid in the right pane of the report window and then select Refresh Data from the context menu The existing data will be cleared and latest data will be loaded in the report window 520 Chapter 6 Scan Profiles Manager How to Export data The Export
55. The following shows how Scan Profiles Users Groups can be applied to permission reports for specific users and groups in Interactive report generation and Power export tool Scan Profiles Users Groups and Interactive Report Generation Perform the following steps for applying Scan Profiles Users Groups to permission reports in Interactive report generation a Built in Reports a Permissions al Shares and Resources Click on under Built in Reports in the tool bar e Select any one of the permissions reports listed above and click Next to proceed 551 Chapter 6 Scan Profiles Manager e Inthe next step select the option Select a Scan Profiles Users Groups as shown below Built in Reports List of permissions for specific users and groups on folders Step 27 of 3 Select User Group Account s Select user and or group accounts For which you would like to view the permissions on files folders Enter account name jem Add to list oe Accounts fram damainiserver Browse and Select Accounts tram Scan Profiles Users sroups Select a Profile rit Se lected Accounts Account Mame Account Type e Inthis step the list of users and or groups present in Scan Profile Users Groups will be loaded to the selected account list as shown below 552 Chapter 6 Scan Profiles Manager Built in Reports List of permissions for specific users and groups on folders Step 2 of 3 Select User
56. Traverse only n level s of sub folder in the share option and specify a sub folder level Where the levels are numbered as follows server sharename Level 1 Level 2 Level 3 Note The Include sub folders option defaults to enumerating all the sub folders unless you specify a sub folder level in Traverse only n level s of sub folder in the share option Note The Do not display folders that have same permissions as the parent folder option would be enabled by default The report would be displayed as below 94 Chapter 3 NTFS Security Auditor O Shares and Resources Folders RD45 0 Refresh a Export F Filter E3 Enterprise SHARES H A ADVENTURE DISCOVERY PATHFINDER fal YY SSPRO fa y APINLAB m Shares Folders TF Files Share Folder ce Path Sub Folders ADChangeTrack WRD45140Cha AD hangeTrack ADChangeTrack ADChangeTrack ADChangeTrack ADChangeTrack ADChangeTrack WARDS addres 4ddress Address Address Address Address Customize J Scan Profiles Computers Ea E mail Ower BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Ad BUILTIN Ad BUILTIMUsers BUILTIM Users CREATOR NT AUTHOR BUILTIN Ad BUILTIN Ad BUILTIN Se BUILTIN Se CREATOR Security
57. User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders Account name oo G Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Guest Accounts oe Selected Accounts Account Name Account Type phoenix adminuser2 phoenix sam phoenix saru phoenix test group e Click Next to proceed to the Next step Step 4 Save Search Enter a name and description for search 503 Chapter 4 NTFS Security Manager Step 4 of 4 Save Search Enter a name and description for the search Search Name Users who can Modify Search Description Click Finish to generate the power search report After the data collection process is complete the report would be generated in a report window as shown below 504 Chapter 4 NTFS Security Manager iy Refresh p3 Export 5 E mail Search Details Search Name UserAccess Check Generated on 02 Jul 2014 07 13 40 PM ez ile Object Folder File eee ACCESS inherited nee User Group ep E Type Name Control Type Name WRD10 NEW TEST der Foldertest Read and Execute Allow No PHOENTX adr PHOENTX sar S 1 5 21 2366372 PHOENTDX adm PHOEN sa S 1 5 21 2366372 No PHOENTX adm PHOENIX san S 1 5 21 2366372 PHOENIM Sar S 1 5 21 2366372 RD10 NEW TEST Folder Read and Execute
58. WRD49 CS BUILTIN Administrators Allow EE WRD49 DS NT AUTHORITASYST Allow Ee WRD4SNES ADVENTURE adminuser Allow Eg WRD49 ETf supp folder E8 WRD49 ExchangeO AB fae WRD4O FS 5 Curent owner BUILTIN Administrators Allow Inherited permissions from the parent to propagate to this object 2 ee Wana a e The updated basic permissions for the selected account as shown below O A AAA O 434 Chapter 4 NTFS Security Manager Accounts Basic Permissions Permissions F Add Domains H Refresh ADVENTURE alec Full Control lt No Share Profile found Configure ADVENTIJRE Martin Modify DVENTURE alex Read and Execute List folder c 6 4 ADVENTURE DVENTURE Robin Read Lay Domain Controllers DVENTURE Richard Write B Ra BUILTIN Administrators Special permissions E ES WRD49 2 NT AUTHORIT SYSTEM BB wa0s92 fed WRD49 Address Accounts Advanced Permissions fae WRD49 admin folder AccountName ACEType Inherited fal WRD4SVADMINS ADVENTURE alec E8 WRD49 basic per ADVENTURE alec A A BISIG O a opoo Eg WRD49 Bulk Test folder DVENTURE Martin ae WRD49 Bulk test foldert DVENTURE alex Eg WRD49 BulkTestwithOu ADVENTURE Robin ee WRDASICS ADVENTURE Richard ES WRD45 DS BUILTIN Administrators Eg WAD4SNES NT AUTHORITASYST Eg WRD4S ETf supp folder E WRD4S ExchangeOAB l Allow Inherited pemissions from the pare
59. WRD4S ExchangeUl NT AUTHORITYSYS All Yes CREATOR OWNER Yes EE WRD4S BMW share BUILTIN Users Allow Yes ie WRD46 Example PEERI E WRN4RiFxchanneo Y Allow Inherited permissions from the parent t to propagate to this object Curent owner BUILTIN Administrators 135 Chapter 3 NTFS Security Auditor Select Scan Profiles Shares and follow the steps below e Select shares profile and enumerate its shared folder s file s list e Select a shared folder file path Share Folder path Accounts Basic Permissions Permissions g Add Domains Refresh DISCOVERY adminuser Full Control WIN 12adminuser Modify WIN T2 test Read and Execute List folder cont BUILTIN Administrators Read NT AUTHORIT SYSTEM Write qISS53ee82 i Sample Shares CREATOR OWNER Special permissions B E Wed Test BUILTIN Users a ES wd 2 Testfolder Coates A Y WRD12itestfolder3 _AccountName ACEType Inherited H Server Shares DISCOVERY adminuser Allow WIN12 adminuser Allow WIN12 test2 Allow BUILTIN Administrators Allow NT ALITHORITY SYSTEM Allow CREATOR OWNER Allow BUILTIN Users Allow BUILTIN Users Allow BUILTIN Users Allow Curent owner BUILTIN Administrators Allow Inherited pennissions from the parent to propagate to this object 136 Chapter 3 NTFS Security Auditor Power Search About Power Search How to view Power Search Permissions DACL Reports How to view Power Search Auditing SACL Repo
60. a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path de fe PES e Click the option Add From e Select one or more servers to enumerate its shared folders 109 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for Accounts having permissions on specific folders Step 2of2 Selec oa T n A it Enter the tull path o Selec Shares folder paths from a view year seni Shares and Folders available from computers displayed below properties for sca Bo Domain Controllers 4 RD12 Opt on 15 e Use Select a Profile option to use the shares added in the profile 110 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for Accounts having permissions on specific folders Step 2o0f 2 Select server s for Shared Folders list Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Indude sub folders Folder level VRAD 12 Test True
61. a group and their sub group members at all group levels in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Cral Folder Levels Include upto 3 rd level of sub folder s in the shared folder gt Include onbe 1 St level of sub falder s in the shared folder Include folders after 1 Sl level of sub folder s in the shared folder Include only leat nodes in the shared folder 221 Chapter 3 NTFS Security Auditor Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Security Vulnerabilities Reports List of Effective Access for s
62. a specific user group account for a set of folders Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of effective permissions for specific users and groups on folders Step 1of3 Select Report Select a report from the available Built in Reports Description This report lists the effective permissions assigned to a List of permissions for folders specific user group account for a set of folders a 4 Permissions List of permissions for specific users and groups on folders List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files B List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step 74 Chapter 3 NTFS Security Auditor Step 2 Select User Group Accounts Select user and or group accounts for which you would like to view the permissions for folders files Built in Reports List of effective permissions
63. access policy on the selected shared folder s file s You can view and select the required Central Access Policy from the domain that belongs to the selected shared folder s file s Revoke CAP f Click on sa Revoke CAP _ button in the toolbar The Apply Central Access Policy window will be displayed as shown below Step 1 Select shared folder s file s Select shared folder s file s by using any of the input options displayed Apply Central Access Policy Wizard Step 1 of 4 Select Shared Folder s File s Enter the Full path of a shared Folder ifile Click Add From to load the list of shares Import to import a list of UNC Folder paths from a text File Scan Frotiles Shares lt No Profile found ta a Folder Path Domain Name Add From Import oa Remove Apply to all the sub folders Include files present inside folders Next Cancel e f you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 473 Chapter 4 NTFS Security Manager Step 1 of 4 Select Enter the Full pe From a text File ShareFolder UNC F Scan Protiles S har Folder Path lt Apply to all the s Include files pre Apply Central Access Policy Wizard Select Shares View and select Shares and Folders available from computers displayed below WRD4OiTest DAC LJ WRo40 Testing CAP c Servers Workstations
64. as shown below Saved Permissions Templates Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view a the contents of selected template Template Name Description Template Type 34 grant pemission task fortest share Grant copy pemissions task1 for evaluation El copy pemissions task for adminshare Selected Permissions Access Control Entries 1 DISCOVERY adminuser gt Allow gt CreateFiles AppendData gt This folder subfolders and files 2 DISCOVERY test2 gt Allow gt Modify gt This folder subfolders and files La 3 DISCOVERY test4 gt Allow gt Modify gt This folder subfolders and files m Close etails Selected Source shared folder file 1 rd46 Test Folder Golortod Tarnat charad faldor f ci filof ci Close 462 Chapter 4 NTFS Security Manager Copy Account Permissions How to copy account permissions in the selected shared folder s file s permissions list 463 Chapter 4 NTFS Security Manager How to copy account permissions in the selected shared folder s file s permissions list The Copy Account Permissions feature allows you to copy an existing account permissions to single or multiple accounts by granting the same existing permissions You can copy account permissions on specified lev
65. destructive access on folders Generated On 11 4 2014 6 01 50 PM RD10 Ntfs testfolderp Ntfs test folder per Folder PHOENDX adminus BUILTIN Administ Group Access Type Inherited Security Full Control Apply To This folder subfolders and files New Text Documen File Full Control This file only RD 10 NTFSTESTFOLDE NTFSTESTFOLDER Folder PHOENTX adminus BUILTIN Administ PHOENIX adminus User Active Full Control Full Control This folder subfolders and files This folder subfolders and files NTFS Security Man File RD10 Test folder permi Test folderpermiss Folder PHOENIX adminus NT AUTHOR Well Known Sid Full Control This file only PHOENIX adminus User Active Group Full Control Full Control This file only This folder subfolders and files PHOENDX adminus BUILTIN Adminis PHOEN aaa User Active Full Control This folder only PHOENITX adminus CREATOR OWNER User Active Well Known Sid Full Control Traverse Folder E Subfolders andfiles only This folder subfolders and files NT AUTHOR Well Known Sid Full Control This folder subfolders and files BUILTIN Administ NT AUTHOR Group Full Control Full Control This folder subfolders and files This folder subfolders and files PHOENIX adminus User Active Full Control This folder only CREATOR OW
66. folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default If you want to exclude specific accounts from reporting select Exclude Accounts option Click Accounts button to launch Exclude Accounts window as shown below 44 Chapter 3 NTFS Security Auditor Exclude Accounts Exclude the following accounts MW Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITYSYSTEM E BUILTIN Users Select the accounts for which you want to exclude and click OK You can select Include SID option to include SID value for user in the report You can select Exclude inherited permissions option to exclude inherited permissions from the report You can select Include group membership option to include all membership information of user and group in the report You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report You can use Customize option to exclude some of the fields from the report as displayed below bi Custom View Fields E Full Path Folder Path sUb Folders E Owner User Group Name F Account Type Type Inherited amp Explicit Effective Permissions 4 T NTFS Security Auditor defaults
67. folder permissions Indude files present inside folders Set sub folder levels You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder i Folder Levels Folder Levels Include upto 3 aird jevel of sub folder s in the shared folder gt Include only 1 St level of sub folder s in the shared folder Include folders after 1 St level of sub folder s in the shared folder Include only leat nodes in the shared folder Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level 200 Chapter 3 NTFS Security Auditor Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selec
68. for specific users and groups on folders Step 20f3 Select User Group Account s Select user and or group accounts for which you would like to view the permissions on files folders Account name ea Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Remote Desktop Users Local Group BUILTIN Replicator Local Group BUILTIN Users Local Group e Enter the name of User Group in domain account name format and click Add to List to add the name to selected accounts list e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups e Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 75 Chapter 3 NTFS Security Auditor View and Select Accounts UsersGroups available from computers displayed below da Add Domains Scan Profiles Computers c im Sample Scans Domains Gai Domain Controllers RD 10 e Use the Find option to search desired user group accounts Click Next to proceed Step 3 Select shared folders Select one or more servers to retrieve available shares 76 Chapte
69. from Scan Profiles UserstGroupe Select a Profile ha oe Selected Accounts Account Mame Account Type aa Cae Coe e In this step the list of users and groups present in Scan Profile Users Groups will be loaded to the selected account list as shown below 554 Chapter 6 Scan Profiles Manager z Power Export Built in Reports Step 2 of 6 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile UsersAsroups to retrieve available users and groups fram Report Mame List of permissions For specific users and groups on folders Enter account name a Add to list Ci Accounts from domainiserver Browse and Select Accounts from Scan Profiles UsersGroups Frequent Scans oe Selected Accounts Account Mame Account Type Adventure adminuser Adventure Alan Adventure Alex Adventure Michael Builtin Adrninistrators a lt Back Weck gt Close e Inthe succeeding steps select needed details for generating reports for selected Scan Profile Users Groups 555 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Users Groups in NTFS Security Manager Module You can apply Scan Profile Users Groups to Grant Permissions Revoke Permissions and also Modify Permissions that involves changes to permissions for the accounts on shared folder s file s The following steps describe on how to apply Scan Profiles User Groups in the Gran
70. gt Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e n step 4 select the option Replace the account s existing permissions with the new permissions Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected permissions to the existing permissions list f the selected account already exists in the permissions list Add the new permissions to the account s existing permissions d Replace the account s existing pemissions with the new pemissions oe E Also apply the above to subfolders and files that do not have inheritance set non nherted folders and files oe 6 Remove all existing accounts and replace with the selected accounts and pemissions d E Replace all child object existing permissions with inhertable permissions from this object ri Inheritance Rule e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares 341 Chapter 4 NTFS Security Manager How to grant permissions to the selected accounts on subfolders and files that do not have inherited permissions from its parent object The Grant Permissions feature allows to grant permissions to the selected accou
71. have the Edit Folder Options same permissions as the parent folder Indude group members You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can use Customize option to exclude some of the fields from the report as displayed below 85 Chapter 3 NTFS Security Auditor eS Custom View Fields E Full Path Folder Path Sub Folders E Owner User Sroup Name F Account Type Type Inherited amp Explicit Effective Permissions 4 You can use Include group members option to include all the members of a group and their sub group members at all group levels in the report NTFS Security Auditor defaults to scanning all the sub folders under a given
72. highlighted 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 323 Chapter 4 NTFS Security Manager 4 You may also select Include group members information for include members of a group and their sub group members at all group levels in the report 5 Click Next to proceed to the Next step Step 5 Delivery Options A Power Export Standard Reports Step 4of6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format yywyy mm dd hh mm ss under the task name folder Expert Type Export Export Path Users Public Documents NTFS Security Manageme Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below 324 Chapter 4 NTFS Security Manager You can customize the SMTP Server From and oe address Subject and body of
73. in NTFS Security Auditor Module You can apply Scan Profile Shares to permissions reports This is especially useful if you want to generate permissions reports for certain Shares frequently The following shows permissions reports that involves shares profile List of Permissions Reports Report Name List of permissions for specific users and groups Reports the folder permissions assigned to on folders specific users and or groups on a selected set of folders List of permissions for folders Reports the permissions associated with a selected set of folders List of permissions for specific users and groups Reports the files permissions assigned to specific on files users and or groups under a selected set of folders List of permissions for files Reports the permissions associated with files under a selected set of folders List of all permissions for folders Inherit amp Reports the permissions for users assigned in the Explicit folders directly and inherited by means of nested groups List of effective permissions for users and groups Reports the effective permissions for users and List of effective permissions for users and groups Reports the effective permissions for users and List of effective permissions for specific users and Reports the effective permissions for specific List of effective permissions for specific users and Reports the effective permissions for specific groups on files users and groups for fil
74. in Reports Step 3 of 7 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of effective permissions for specific users and groups on folders UNC Path Folder Path Indude sub fold Folder level WRD10 TestShareFolder m Pr Do not display folders that have the same permissions as the parent folder Edit Folder Options 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 311 Chapter 4 NTFS Secu
75. in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 256 Chapter 3 NTFS Security Auditor Folder Options Folder Path MTE Indude sub folders E Traverse only level s of sub folder in the shared folder or Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 If you want to exclude specific accounts select Exclude Accounts option Click Accounts button That will show up a window as shown below Exclude Accounts Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITY SYSTEM E BUILTIN Users 7 Select the accounts for which you want to exclude and click OK 8 You can use Customize option to exclude some of the fields from the report as displayed below 257 Chapter 3 NTFS Security Auditor E Full Path
76. list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below 40 Chapter 3 NTFS Security Auditor Q Refresh 3 Export P Filter Sa E mail Report Details Report Name List of permissions for specific users and groups on folders Generated on 09 Jun 2014 04 45 35 PM Status Success User Name Sub Folders Owner Apply To BUILTIN Administr RD10 NETLOGON NETLOGON BUILTIN Administre Group moe E E ee Subfolders andfiles only Traverse Folder E This folder only PHOENIX Domain Admins Promnsnaniisrtorjalow jno rateo Subfolders andfiles only Traverse Traverse Folder E This folder only _ r cre Traverse Traverse Folder E This folder only inane aoe ee a This folder only ee a Traverse Folder E This folder only omcreeay This folder only fname Traverse Traverse Folder E This folder only PHOENIX Enterprise Admins group a tion Mo recent Subfolders andfiles only E This folder only 41 Chapter 3 NTFS Security Auditor List of permissions for folders This report allows you to view the associated permissions for specific folders Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only
77. m y or XE pt ons i ffe 2 i Step 2 of 4 Search for ACLs that do not have the following permissions Select ACE Type and Permissions Search for folders files not having these permissions The search results will contain only those folders fles that do not have the selected permissions ACE Type Allow Deny Show inherited only Show explicit only Show inherited or explicit Show ACLs with both inherited and explicit Show folder files that do not have these permissions Basic Permissions Special Permissions Traverse Folder Execute File E List Folder Read Data E Read Attributes Read Extended Attributes Create Files Write Data Create Folders Append Data E Write Attributes E Write Extended Attributes l E Delete Subfolders and Files E Delete E Read Permissions Change Pennissions E Show folders files only f all the above permissions are not present Step 3 Search for ACLs that do not have the following accounts Select Accounts and search for folders files that do not have these accounts The search results will contain only ACLs of those folders files that do not have the selected accounts 154 Chapter 3 NTFS Security Auditor SaaS Beep ee pe eee Sa Gee erry ey 7 DYE oO Edareyrl 4 i IZ TU S olL TU Co LEJL EH S 3 ALi Step 3 of 4 Search for ACLs that do not have the following accounts Select Accounts and search for folders fles not having
78. next and final step PRP 262 Chapter 3 NTFS Security Auditor Step 6 Summary Step 60f6 Summary Click Finish to save the task details C Wsers Public Docume Click here to view Security Management Suite List of permissions for folders 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 263 Chapter 3 NTFS Security Auditor List of permissions for specific users and groups on files This report allows you to view file permissions for specific users and groups option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection tf Power Export Built in Reports Step 1of7 Report Selection Select the desired report to proceed Only one report can be selected in this category z List of permissions for specific users and groups on folders List of permissions for folders pis E List of permissions for files B List of all permissions for folders Inherited amp Explicit E List of effective permissions for users and groups on folders vee List of effective permissions for users and groups on files i E List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 1 Select Permissions Reports from the select report category drop down list
79. of 6 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of permissions for files UNC Path Scan Profile Shares Select a Profile ao Folder Path Indude sub fold Folder level VRAD 10 TestShareFolder True All Do not display files that have the same permissions as the parent folder Edit Folder Options mE Aan Exclude inherited permissions 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Files that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want files with identical permissions as the parent folder reported then select Do not display files that have same permissions as the parent folder option This option will not report files with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 2
80. on them ese ee ed 496 Chapter 4 NTFS Security Manager How to view Power Search Permissions DACL Reports saved earch button under Power Search gt New Search in button in the toolbar Click on The Power Search window will be displayed as shown below Step 1 Select Shared Folder s File s Select one or more servers to enumerate its Shared Folder s File s Power Search Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile 497 Chapter 4 NTFS Security Manager Power Search Step 1 of 4 Select Enter the full pati paths from a texi y properties for sca jew and select Shares and Folders available from computers displayed below Share Folder UNC Domain Controllers Sa RD10 J WRD10 aDMINs LJ Romes L WRD10 WETLOGON WARD LO WEW TEST FOLDER WRD10 MEW TEST FOLDER SHARE VAD 10 Ntfs test folder permissions _ WRD10 WTFSTESTFOLDER 3 L Web 10 sysvoL E YRD 10 Test folder permissions E YRD 10 TestShareFolder VRD10Wsers Scan Profile ha Folder Path 3 V Do not display Bal RESEARCHLAB C Include files pr 49
81. one report can be generated at a time Built in Reports List of permissions for folders Step 1of2 Select Report Select a report from the available Built in Reports Description This report lists the List of permissions for specific users and groups on folders permissions assigned to a 2 permisons for cers spect ae List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders a 4 Permissions B List of effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step Step 2 Select shared folders Select one or more servers to retrieve available shares 42 Chapter 3 NTFS Security Auditor Step 2of2 Select serve Enter the tull path ofa sha a z a AD folder paths from a text file View and select Shares and Folders available from computers displayed below Share Folder UNC Path _ Scan Profile Shares e Folder Path dO Do not display folders tha same permissions as the Indude group members irll _ Indude group membershi 43 Chapter 3 NTFS Security Auditor Built in Reports List of permissions for folders Step 2o0f
82. paths from a text file Share Folder UNC Path ao Scan Profile Shares Select a Profile Folder Path Add From _Imoort_ Cancel e Click Add From e Expand Select a Scan Profile Computers and enumerate servers in the profile to select its shared folder s file s e Select the shared folder s file s displayed under the servers 540 Chapter 6 Scan Profiles Manager Grant Permissions Wizard Step 1 of 6 Select sh Enter the full path 4 7 res from a text file View and select Shares and Folders available from computers displayed below Share Folder UNC P Scan Profiles Computers Scan Profile Sharg d Share Server ADVENTURE Folder Path fm RD11 C WRD11 ADMINS LJ wro1nics LJ Waozi p All ADVENTURE Hil VSSLAB e The selected shared folder s file s will be added to the wizard as shown below 541 Chapter 6 Scan Profiles Manager Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Share Folder UNC Path Scan Profile Shares Select a Profile Falder Path Wwd49 test folder e In the subsequent steps select the necessary details for granting permissions for shared folder s file s selected from Scan Profile Computers servers 542 Chapter 6
83. permissions existing in descendant with the inherited permissions from the current object The Grant Permissions feature allows to remove explicitly defined permissions on all descendant object and replace them with the inheritable permissions from the shared folder s file s permissions list Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e In step 4 select the option Replace all child objects existing permissions with the inheritable permissions from this object Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s fle s permissions list Assignment Rule Add the selected pemissions to the existing permissions list f the selected account already exists in the permissions list Add the new permissions to the account s existing permissions d Replace the account s existing pemissions with the new permissions oe E Also apply the above to subfolders and files that do not have inheritance set noninherited folders and files oo Remove all existing accounts and replace with the selected accounts and permissions eG Replace all child object existing pennissions with inhertable pennissions from this object Ci Export child objects existing pennissions Inheritance Rule Back Next Cancel e Click Nex
84. permissions template select a Revoke permissions template which you want to delete and then click Delete button The selected template will be deleted permanently Preview the settings of a Template To preview the settings of a saved Template select a saved Revoke permissions template and then click View Details button The settings will be displayed in a window as shown below Saved Permissions Template Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type 4 Grant permissions task forthe common share Grant A Grant permissions task 1 forthe Admin share folder Grant S Revoke permissions task for the common share Revoke Revoke permissions task 1 for Admin share Revoke Report Name Revoke permissions task1 Revoke the selected set of Accounts and their permissions from the selected shared folder s file s permissions list Account Selection Mode Selected Accounts Selected Security Principals 1 vsspro Alex 2 Vsspro james Golartod chsareod Foaldor ci filol c 394 Chapter 4 NTFS Security Manager Modify Permissions How to view the share permissions How to grant permissions for a shared folder file How to add new accounts to the folder file permissions list How to replace an account with a
85. policies cccccssscccccesssecceeeeeeseeeeaeeeeeeeeaees 117 Security VIEW GF aaar edanuinvocaecdesnducvend edevepavedendensetacdeseeteveesceieverscedesutns 123 How to view the permissions for Shares and local drives ccccccssssecccccessececceaesecceseeeseccesaueeeeeseaaeceeseaaeeeeeseees 124 How to enumerate shared folders files cccsscccssseccccssecccceseccscnsccccesececcececcscuceceseseceacacescseneeeeseneseacaceseneneeees 132 Power Searchin n Gauieacauicasconuceatecutunerassuntuccescesus conmmeuaccumestacsousscssoceveds E paneceansenteanncouins 137 ROUT POWERS CACM enaa aa a a a O 138 How to view Power Search Permissions DACL Reports seesssesessrrreesrrrreesrrrressrrrressrtrressrteressrtressereresserrreseeeee 139 How to view Power Search Exceptions DACL Reports ccccccccccccsssseeccececceeessecceceeeeeeeseeeceeeseaueeseeeeeeeeauannseees 149 How to view Power Search Auditing SACL Reports sssss esssssssrereessssrrreressssrrrrresssssrrereessserrereessssererressssrrereees gt 159 HOW tomanace POW EN Seal Clie esaea O A E 169 COMPE AGES cra TE r E AS EA A EAEE E E A aE 171 About compare ACLS oeoa E AAE T dna A A A 172 HOW to Compare AGES OTTOS Parus N a aa a a Ta 173 How to Compare ACLs of a folder with exported ACL data of another folder sssssssssssessrressrressrrrssrrresrrreserees 177 Sec rity VUINGFADINTIOS ssn e e a e eure Beas 182 How to view Security Vulnerabilities REPOrts arisia ane
86. policy if there is an exact match Shared folder s file s 1 RDS WTFSSM Test 2 WARDS 1 Test folder Central Access Policy Name Policy for countries Export Current Central Access Policies oe Back Finish Cancel Click Finish to complete the Revoke CAP wizard Central Access Policy will be revoked as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the task completion status 491 Chapter 4 NTFS Security Manager Summary lt Revoke Central Access Policy Report gt A Selected Revoke Mode Revoke a central access policy if there is an exact match Policy Name Policy for countries Shares Folders RDSI SNTFSSM Test WROS1 Test folder Template Name Poveko CAP Carmnla View change log 492 Chapter 4 NTFS Security Manager How to reuse the Revoke CAP template The Saved Templates contains the list of saved templates to Apply CAP Revoke CAP Grant Permissions Revoke Permissions and copy Permissions Saved Templates Click on button in the toolbar The Saved Templates window will be displayed as shown below Saved Templates Select any template trom the list of saved templates to proceed Click Edit to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type Apply CAP Sample ApolyCAP
87. revoke a central access policy From the shared Folder s filets Revoke any applied CAP from selected shares and folders oe Revoke a specific CAP from selected shares and folders A Next Cancel 483 Chapter 4 NTFS Security Manager Revoke Central Access Policy Select any one of the options to revoke a central access policy From the shared Folder s filets O Revoke any applied CAP from selected shares and folders oe Revoke a specific CAP from selected shares and folders a Next Cancel Click Next to proceed to the Next step Step 2 Select shared folder s file s Select shared folder s file s by using any of the input options displayed 484 Chapter 4 NTFS Security Manager Revoke Central Access Policy Step 1 of 3 Select Shared Folder s File s Enter the full path of a shared Folder file Click Add From to load the list of shares Inport to import a list of UNC Folder paths From a text File Scan Profiles Shares eMo Profile found gt w oa Folder Path Domain name Add From Import oe Remove Apply to all the sub folders Include files present inside folders Back Next Cancel e f you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 485 Chapter 4 NTFS Security Manager Revoke Central Access Policy Stee ob ae Select Shares Enter the Full pal Fold th ee
88. same permissions as the parent folder V Include group members 7 Indude SID Customize Indude group membership F Exclude inherited permissions r Finish a You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can select Include SID option to include SID value for user in the report You can select Exclude inherited permissions option to exclude inherited permissions from the report You can select Include group membership option to include all membership information of user and group in the report You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report You can use
89. shares in the selected server by selecting All shares option or Select share s option respectively You can also optionally include the sub folder s information by selecting the Include sub folders option The files having permissions identical to the parent folder would show up with Same as parent in both User Name and Security fields in the report If you do not want files with identical permissions as the parent folder reported then select the Do not display files that have same permissions as the parent folder option This option will not report files with identical permissions as the parent folder 95 Chapter 3 NTFS Security Auditor To view up to a certain level of sub folders and files select the Traverse only n level s of sub folder in the share option and specify a sub folder level where the levels are numbered as follows server sharename Level 1 Level 2 Level 3 Note The Include sub folders option defaults to enumerating all the sub folders unless you specify a sub folder level in Traverse only n level s of sub folder in the share option Note The Do not display files that have same permissions as the parent folder option would be enabled by default The report would be displayed as below O Shares and Resources Files RD451 Refresh p Export F Filter AE Customize G3 Scan Profiles Computers Egy E mail en EA Enterprise SHARES F Shares r Folders _ Files
90. ss ss 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 296 Chapter 4 NTFS Security Manager 4 You may also select Include group members information for include members of group and their sub group members at all group levels in the report 5 Click Next to proceed to the Next step Step 4 Delivery Options A Power Export Standard Reports Step 4of6 Delivery Options Select the report delwery options You can Export and E mail the re
91. the desired Permissions and status of Accounts that need to be highlighted 4 Click Next to proceed to the Next step Step 4 Delivery Options 4 Power Export Standard Reports Step 4 of 6 Delivery Options Select the report delvery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format ywywyy mm dd hh mm ss under the task name folder Export Export Path Wsers Public Documents NTFS Security Manageme Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below 288 Chapter 3 NTFS Security Auditor You can customize the SMTP Server From and oe address Subject and body of the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 289 Chapter 3 NTFS Security Auditor Step 5 Schedule Settings a Power Export Built in Reports Step 5of6 Schedule Settings Enter a unique task name and specify its schedule set
92. the object s name in the list and then click Add recipient to Find Warnes Find Names in All Global Address Lit Display Name de Last Name First name Title Alias Company Department Office City Office ER DE Wadtah contact DE aaa 2 DE liane user Deak AAD A Deco D Canavaro deco He Design Design dethgtgh 9999999 A Development Development Add recipient to To Properties Close To get more information about one of the names in the list such as department or phone number select the name and then click F 9PE Es 526 Chapter 6 Scan Profiles Manager How to find data in a report You can use the find feature in NTFS Security Management Suite to search for specific data in a report To search for data in a report just type the characters or words you want to find in the find edit box 1 NTFS Security Management Suite performs a case insensitive search of the specified search criteria in the report available in the report window and click on 2 The search criteria should not be enclosed within quotation marks 3 You can use the wildcard character in the search criteria The wildcard character act as a place holder for zero or more characters However note that you cannot use the wildcard character in the search criteria For instance if you want to search for Domain in a report Type Domain without quotations in the edit box and then cl
93. the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can select Include SID option to include SID value for user in the report You can select Exclude inherited permissions option to exclude inherited permissions from the report You can select Include group membership option to include all membership information of user and group in the report You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report You can use Customize option to exclude some of the fields from the report as displayed below 39 Chapter 3 NTFS Security Auditor E Full Path Folder Path Sub Folders E Owner UsernGroup Name E Account Type Type Inherited amp Explicit Effective Permissions NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Include sub folders E Traverse only 1 level s of sub folder in the shared folder F F Apply this setting to all folders in
94. the report to be generated Only one report can be generated at a time Built in Reports List of effective permissions for users and groups on folders Step 1of2 Select Report Select a report from the available Builtin Reports Description This report lists the effective permissions for users and E List of permissions for folders groups assigned to set of folders a 4 Permissions List of permissions for specific users and groups on folders List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step 64 Chapter 3 NTFS Security Auditor Step 2 Select shared folders Select one or more servers to retrieve available shares folder paths from a text file properties for scanning eac d Domain Controllers 65 Chapter 3 NTFS Security Auditor Built in Reports List of effective permissions for users and groups on folders Step 2o0f 2 Select server s for Shared Folders list Enter the full path of a Share or Shared
95. the report would be generated in a report window as shown below O Refresh gs Export Ga E mail Find a Search name Tes erst Generated on 22 4ug 2071 04 46 12 PM Salus SUCCESS corm inherited Owner User Group Name SID RDSS TestLocagr Folder TestLocagroups List Folder Read Data BUILTIN Administr ADVENTURE Administ S 1 5 21 399114958 170841 1652 131 10397 WRDSS TestShare Folder TestShare Write Attributes Succe BUILTIN Administri ADVENTURE Alan S 1 S 21 3221124958 1708411652 13110397 mm mmm am ede Delete Subfelders and Files Failure BUILTIN Administr ADVENTURE Alan 5 1 5 21 3221124958 170841 1652 13 110397 Delete WRDESS TestLocegr Folder TestLocagroups Read Attributes BUILTIN Administr ADVENTURE Alberto Po S 1 5 21 3221124958 1708411652 13110397 1 Read Ectended Attributes Success BUILTIN Administr ADVENTURE alec Sr 1 21 32211249958 1 70841 1652 13 110597 T Write Extended Attributes Failure l BUILTIN Administr ADVENTURE Border 5 1 5 21 3221124958 1708411652 13 110397 _ Delete Subfolders and Files WROSS TestShare Folder TestShare Write Attributes Failure BUILTIN Administr ADVENTURE michael S A 5 21 3221124958 1708411652 15110597 Full Control _ noe BUILTIN Administr ADVENTURE michael S 1 5 21 3221124958 1708411652 13110397 WRDSS TestLocag Folder TestLocagroups List Folder Read Data l 55 BUILTIN Administr ADVENTURE mu
96. the selected shared folder and exported shared folder report Compare only leaf nodes in the shared folders This option will take selected shared folder of last child leaf nodes of sub folders and compare ACLs only those name sub folders that are common to the selected shared folder and exported shared folder report Compare ACLs Wizard Step 2 of 2 Select shared folder and exported file The exported file must be from any one of the built in permissions reports Select the shared folder and exported file using browse button Click Set subfolder levels to set the levels of subfolder s to read ACLs from Baseline reference Folder RDOIO WEW TEST FOLDER Browse Exported File to compare t Suite 2014 Eeport 2014 08 20 19 24 3 List of pennissions for folders HTML Browse iy E Indude sub folders Set sub folder levels Exdude inherited permissions Click Finish to generate the compared ACLs report 180 Chapter 3 NTFS Security Auditor 2 Refresh 35 Export G E mail Baseline reference Folder RD10 NEW TEST FOLDER Exported File to compare C Users Public Documents NTFS Security Management Suite 2014 Exp Generated on 8 21 2014 11 10 53 AM Folder Path Sub Folders User Name Permissions a Inherited Apply To RDIONEW TEST FOLDER B NEWTEST FOLDER PHOENDXdminusers aS os This folder subfolders and files Matched No _ This folder subfoldersandfiles Modified Permissions PHOENIX Testgoupes Traver
97. to propagate to this object m i RESEARCHLAB hA SPACENET 4 mT ISS S884 e Apply upto N level s of sub folder s in the shared folder This option will replace the account with the selected account on sub folders which are upto specified folder traversal level e Apply only Nth level of sub folder s in the shared folder This option will replace the account in sub folders which are in the specified traversal level only e Apply folders after N level s of sub folder s in the shared folder This option will replace the account in sub folders which are after the nth traversal level of the selected folder e Apply only leaf nodes in the shared folder This option will replace the account with the selected account in the last child leaf nodes without affecting the parent folder s permissions e Click OK button in the Folder Levels window The Accounts Selection window will be displayed as shown below 422 Chapter 4 NTFS Security Manager Permissions Full Control Select User Group Accounts Select the user andor group accounts for which you would like to Replace the permissions on Shares Tolders Account name ea Add to list ri Accounts from domain server O A AAAA Accounts from Scan Profiles Users Caroups Select a Profile Selected Accounts Account Name Account Type phoenix adminuser 2 Replace accounts on subfolders Set Search Pattem Set Folder Levels Inclu
98. to propagate to this object oo SPACENFT 1 Select the user or group for which you wish to add into the folder file permissions list 2 The selected accounts will be added to the wizard as shown below 412 Chapter 4 NTFS Security Manager Permissions Modifier Share Folder path Grant Permissions Accounts Basic Permissions Permissions H Add Domains 4 Refresh BUILTIN Administrators Account name eva Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups a Selected Accounts Account Name Account Type phoenix sam phoenix saru phoenix Test phoenix test group phoenix testgoupes 4 R NRD O TestShareF C srent owner PHOENIX adminuserd H E WROIOWsers eaS aa Apply thes DPO o F Allow Inherited permissions from the parent containers within this container only ce RESEARCHLAB to propagate to this object coli SPACENET aap Replace Remove e Click Add button in the Accounts selection window Apply Ca e The newly added accounts will be displayed as shown below 413 Chapter 4 NTFS Security Manager How to enumerate shared folders files The Modify Permissions feature allows many options to enumerate the shared folders files in the entire network You can also enumerate and view the folders and files in the local file system Modify Permissions Click on button The Modify Permissions window will be d
99. users and groups on folders Account name Ci Accounts from domain server Browse Select Accounts from Scan Profiles Users sroups Selected Accounts 309 Chapter 4 NTFS Security Manager 2 amp Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of effective permissions for specific users and groups on folders Account name ay Add to list oo Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt Mo Profile found gt oO Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Terminal Server License Servers Local Group BUILTIN Wsers Local Group PHOENIX adminuser 1 User PHOENIX adminuser2 User PHOENIX adminuser3 User e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups 1 Select the user or group for which you wish to run the permissions report The selected users will be added to the wizard as shown above 3 Click Next to proceed to the Next step 310 Chapter 4 NTFS Security Manager Step 3 Shared Folder Selection A Power Export Built
100. which you would like to revoke permissions on selected shared folder s file s All existing accounts that have been assigned explicit permissions Selected accounts Orphaned SIDs lt No Profile found gt Account Name Account Type 364 Chapter 4 NTFS Security Manager Click Next to proceed to the next step Step 4 Select Access Control type and permissions Select ACE type permissions and also select the option Revoke only if there is an exact match Revoke Permissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder s file s 00 All existing permissions Selected permissions ee Full Control oof Modify Read and Execute List folder contents Wl Read Write Advanced Permissions oo Traverse Folder E xecute File W List Folder Read Data V Read Attributes Read Extended Attributes i Create Files Wirite Data Create FoldersAooend Data Access Control Type i Allow E Deny J Revoke only if there ig an exact match objects that have exactly these permissions M cet nacaneehay e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Revoke Permissions from selected Shares permissions list 365 Chapter 4 NTFS Security Manager How to revoke all existing explicit permissi
101. with the selected accounts and permissions Note that this will not remove inherited permissions from parent folder 408 Chapter 4 NTFS Security Manager Caution All existing account permissions will be cleaned up completely and the newly selected permissions will be applied Example If the share has 7 accounts then this option will remove all the 7 accounts and replace with the new selected accounts and permissions Replace the account s existing permissions with the new permissions If a selected account already exists in the current list of permissions of the selected shared folder s file s this option will replace all explicitly assigned account permissions with the newly selected permissions for that account Example If the share already has some accounts with permissions like Allow Read and Write and if the same existing accounts selected with permissions Deny Modify to grant permissions then this option will replace the existing accounts previous permissions Allow Read and Write with new permission Deny Modify Otherwise if the selected account not exist in the share permissions list then it will add into the permissions list Replace all child objects existing permissions with the inheritable permissions from this object This option will remove explicitly defined permissions on all descendants of the selected shared folder s file s and replace them with inheritable permissions from the selected shared folder s file
102. with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format ywywyy mm dd hh mm ss under the task name folder ponte Export Export Path Wsers Public Documents NTFS Security Manageme E mail To Address Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below 251 Chapter 3 NTFS Security Auditor You can customize the SMTP Server From and oe address Subject and body of the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 252 Chapter 3 NTFS Security Auditor Step 6 Schedule Settings A Power Export Built in Reports Step 6 of T Schedule Settings Enter a unique task name and specify ts schedule settings Task Name Folder specific user perm Specify an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set t
103. would like to copy permissions to the selected target shared folder s fle s permission list Assignment Rule Copy the selected permissions to the existing pennissions list f the selected account already exists in the permissions list Add the new pemissions to the account s existing pennissions o Replace the account s existing permissions with the new permissions Ci E Also apply the above to subfolders and files that do not have inheritance set noninherited folders and files Ci Remove all existing accounts and replace with the selected accounts and permissions oo E Replace all child object existing permissions with inhertable permission from this object oe Ci W Inheritance Rule Allow inherited permissions from this object s parent oo Block inherited permissions from this object s parent Copy inherited permissions oo G Remove inherited permissions Ci e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Copy permissions from one share to another share s 446 Chapter 4 NTFS Security Manager How to Copy Permissions from one share to another share s The Copy Permissions feature allows you to Copy Permissions from one share to another share s You can use many options like Add the new permissions to the account s existing permissions Replace the account s existing permissions with the new permissions etc You may select options to Allow Block inh
104. 2 Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level WRD10 NETLOGON True papi True YRD10 NEW TEST FOLDER SHARE True YRD 10 NTFSTESTFOLDER True gj Do not display folders thathave the Exclude Accounts ci Colder Ontions same permissions as the parent folder z ACCOUNT Indude group members E Indude SID Customize Gio eee Exclude inherited permissions You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent
105. 75 Chapter 3 NTFS Security Auditor Folder Options Folder Path MARE Indude sub folders E Traverse only1 level s of sub folder in the shared folder or Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 If you want to exclude specific accounts select Exclude Accounts option Click Accounts button That will show up a window as shown below Exclude Accounts Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITYASYSTEM E BUILTIN Users 7 Select the accounts for which you want to exclude and click OK 8 You can use Customize option to exclude some of the fields from the report as displayed below 276 Chapter 3 NTFS Security Auditor E Full Path Folder Path Sub Folders E Owner UserGroup Name E Account Type Type Inherited amp Explicit Effective Permissions 9 Select the customize options as required and click OK 10 You can select Exclude inherited permissions option to exclude inherited permissions from the report 11 Click Next to proceed to the Next step 277 Chapter 3 NTFS Security Auditor Step 3 Additional report settings pi Power Export Built in Reports Step 3 of 6 Additional report settings Select additional report settings Validate for Er
106. 8 Chapter 4 NTFS Security Manager Power Search Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level Add From VRAD 10 WEW TEST FOLDER True All VRAD 10 WEW TEST FOLDER SHARE True All Import VAD IO WNttfs test folder permissions True All WRD i0 Test folder permissions True All Remove W Do not display files that have the same permissions as the parent folder Edit Folder Options E Include files present inside folders Set Search Pattern You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder op
107. ADVENTURE michael shares folders WeDo Address Wrd4o basic per Wire Bu le Tast faldar View change log 411 Chapter 4 NTFS Security Manager How to add new accounts to the folder file permissions list The Modify Permissions feature allows you to add new accounts with the permission ReadandExecute to the permissions list Y Modify Permissions Click on button The Modify Permissions window will be displayed Step 1 Select folder file path e Follow the list of options to enumerate the shared folder file as outlined in How to enumerate shared folders files Step 2 Click Add button and select accounts Click Add button in the Basic or Advanced permissions The Account Selection window will be displayed as shown below Permissions Modifier Share Folder path Grant Permissions Accounts Basic Pennissions Permissions Allow Deny Add Domains Refresh BUILTIN Administrators J Accounts Selection Ea Select the user andor group accounts for which you would like to Grant the permissions on Shares folders Account name ena Add to list o Accounts from domain server Browse and Select Accounts from Sean Profiles Users Groups Select a Profile Selected Accounts Account Name Account Type ag OE es ppi onto s folder subtolders and files E e E Curent owner PHOENIX adminuser4 Gl fae WRDAOWsers A Allow Inherited permissions from the parent H I RESEARCHLAB
108. All YRD 12 Testfolder True All wd12 Users True All You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path Indude sub folders Traverse only 1 level s of sub folder in the shared folder Mast Apply tnis seting toa folders init Click OK to proceed Click Finish to generate the selected report 111 Chapter 3 NTFS Security Auditor After the data collection process is complete the report would be generated in a report window as shown below Refresh ae Export Ey E mail Report Details Report Name Effective DAC permissions for Accounts having permissions on specific tc Generated on 16 Jan 2013 06 57 30 PM Status Success User Name BUILTIN Administr ate Folder Path Sub Folders Owner Applied Policy VWrdl2 Test Test BUILTIN Administrators Finance policy NT AUTHORITY S S WIN 2 administrator User 4ctive Account Type Access Limited by Probected Protected Finance Department Probected Protected Finance Department Protected
109. Apply onto This folder sub aniics E WAD49 ExchangeOAB aS Allow Inherited pemissions from the parent fad WRD4SIFS to propagate to this abject SSssoa SSOSSSSSSS8 8 HOEEOEORERERR00 OAAR Apply these permissions to objects andor containers within this container ory 438 Chapter 4 NTFS Security Manager Copy Permissions About Copy Permissions How to Copy Permissions from one share to another share s How to reuse the Copy Permission s template 439 Chapter 4 NTFS Security Manager About Copy Permissions The Copy Permissions feature allows you to copy permissions from one share to another share s You can use many options like Add the new permissions to the account s existing permissions Replace the account s existing permissions with the new permissions etc You may select options to Allow Block inheritance from the parent object and also Replace all child objects existing permissions with the inheritable permissions from this object while copying permissions to share Here is the list of actions you can perform using the Copy Permissions feature Note This feature will not break the inheritance from the parent of target object If you still wish to break the inheritance from the parent object you may use the option Block Inherited permissions from this object s parent to block inheritance Copy permissions from one share to another share s How to Copy source s
110. Apply these permissions to objects and or containers within this container only You may also verify the inheritance from the parent object allowed or blocked to this current object by using the option Allow inherited permissions from the parent to propagate this object If this option is checked then the inheritance from the parent to this current object has been allowed otherwise if unchecked it has been blocked 401 Chapter 4 NTFS Security Manager How to Grant Permissions for selected Shares The Grant Permissions feature allows you to grant permissions to the Shares You can use many options like Add the new permissions to the account s existing permissions Replace the account s existing permissions with the new permissions etc You may select options to Allow Block inheritance from the parent object and also Replace all child objects existing permissions with the inheritable permissions from this object while granting permissions for accounts Y Modify Permissions Click on button The Grant Permissions window will be displayed as shown below Step 1 Select shared folder s file s Select shared folder s files by using any of the input options displayed Permissions Modifier Share Folder path rmissic Accounts Basic Permissions Permissions Allow Deny g Add Domains Refresh Eb Scan Profiles Computers cea Share Server E posk Scan Profiles Shares i Public Shares H Domains i 3 Local Drive
111. Central Access Policies 117 Chapter 3 NTFS Security Auditor DAC Reports Folders affected not affected by DAC Central Access Policies Step 1of2 Select Report Select a report from the available DAC Reports Description E E DAC Reports This report lists the folders Effective DAC permissions for specific users and groups on folders affected not affected by the E Effective DAC permissions for Accounts having permissions on specific folders DAC Central Access Policy List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies and Central Access Rules Click Next to proceed to the next step Step 2 Select shared folders Select shared folder s by using any of the input options displayed 118 Chapter 3 NTFS Security Auditor 1 i Pret M E Live Jak DE SSL ls TUT SEL be Step 2of2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path de fe PES e Click the option Add From e Select one or more servers to enumerate its shared folders 119 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permi
112. Computers You can setup Scan Profiles to scan a subset of computers in the network and save these profiles for repeated use while generating reports useful for repeatedly scanning and reporting on different subsets of computers You can create Scan Profiles in one of the following ways e Selecting specific computers in the network e Selecting specific Windows versions e Importing list of computers from a text file e Importing list of IP addresses from a text file For more information about Scan Profiles follow the links given below e How to create Scan Profiles Computers e How to manage Scan Profiles Computers e How to apply Scan Profiles Computers 530 Chapter 6 Scan Profiles Manager How to create Scan Profiles Computers The Scan Profile Dialog allows you to create or edit a Scan Profile During edit operation the name of a Scan Profile and its type cannot be modified You can access the Scan Profile Dialog from the Scan Profiles Manager Perform the following steps to create a Scan Profile 1 Click New button in the Scan Profiles Manager window The Scan Profile dialog will show up on screen 2 Specify a name for the Scan Profile You must give a unique name for the Scan Profile 3 Specify how you want to create the profile by selecting appropriate profile type You can create Scan Profiles in one of the following ways A Selecting computers from network scan Profile Computers You can specif
113. Customize option to exclude some of the fields from the report as displayed below 51 Chapter 3 NTFS Security Auditor E Full Path Folder Path Sub Folders E Owner UsernGroup Name E Account Type Type Inherited amp Explicit Effective Permissions NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Include sub folders E Traverse only 1 level s of sub folder in the shared folder F F Apply this setting to all folders in list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below 52 Chapter 3 NTFS Security Auditor Q Refresh Export Y Filter Gy E mail Report Details Report Name List of permissions for specific users and groups on files Generated on 09 Jun 2014 03 57 08 PM Folder File Folder File Account Access N Type Owner Type Type Members Member Type Inherited Security Apply To E BUILTIN Administy RD10 NETLOGON NETLOGON Folder BUILTIN Administr Group Allow PHOENIX Administratoi User No Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENIX Domain Admi group PHOEND Administ No Full Control Subfolders andfiles only Traverse Folder E This folder only User Name Folde
114. EL 2013 2 32 34 bird 40 NTFSSM Test Mo Central Access P Revoke a central ad Task Completed Successfully FEL 2013 2 30 34 bird 1 testi No Central Access P Revoke a central ac Task Completed Successfully 515 Chapter 6 Scan Profiles Manager Additional Features How to Customize Fields How to Apply Filters How to Refresh Data How to Export Data How to Email Data How to find data in a report 516 Chapter 6 Scan Profiles Manager How to customize fields Clickon Customize lt n Custom View Domains Shares Customization PATHFINDER Share Mame Path Security Maximum Uses E Comment Select All OK Cancel Select All Setect an for selecting all the check boxes Clear All Click Click for clearing all the check boxes Click button for confirming the changes T Click cence button for canceling the operation in Standard Reports for customizing the information 517 Chapter 6 Scan Profiles Manager How to Apply Filter Click T Filter in Standard Reports for setting filter options The Filter window will be displayed ra Filter Dormains Shares Field Operator Yalues Host Name RD45 dd to Filter OK Cancel To set a filter condition follow these steps 1 Click Clear All button and clear the filter 2 Choose a field name an operator and a possible value from the respective dropdown options 3 Click 4
115. Effective Access for specific user and groups on folders Step 1of3 Select Report Select a report from the list of Security Vulnerabilities Reports Security Vulnerabilities 2 2 This report lists the effective List of all explicit permissions for folders ae aes B List of folders with broken inheritance and their permissions usergroup account on folders B List of permissions for orphaned accounts on folders List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited E List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders E List of folders that have permissions for Everyone group Click Next to proceed to the next step Step 2 Select User Group Accounts Select user and or group accounts for which you like to view the effective permissions for folders files 217 Chapter 3 NTFS Security Auditor Security Vulnerabilities List of Effective Access for specific user and groups on folders Step 2o0f3 Select User Group Account s Select user and or group accounts for which you would like to view the permissions on files folders Account name eu Add to list Accounts from Scan Profiles Users Groups Select a Profile Accounts from d
116. F Enter the full pat paths from a text View and select Shares and Folders available from computers displayed below da Add Domains Scan Profiles Computers Scan Profles Sha lt No Profile found Configure using Scan Profiles Manager gt Domains ide TA DISCOVERY i i Domain Controllers gt a o VRD nokia sbe WRD46 ARKAD Screen Shots Remove L_ VRD46Exch 2007 SP1 id Roes C WRD46 sampletask WAD46 Share folder for unknown test me WRD46 sony e Use Select a Scan Profile Shares option to use the shares added in the profile 451 Chapter 4 NTFS Security Manager Copy Permissions Wizard Step 2 of 6 Select Target Shared Folder s file s Enter the full path of target shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Share Folder UNC Path Sean Profiles Shares test shares Folder Path Add From Wrd46 Bulk folders for Manager Wwd46 EWS Share Import Wwd46 new Vid 46 Permissions folder You may also type the UNC path of a shared folder that is not in the list and then click Add to add it to the list In addition you may also import a list of UNC paths to shared folder list from a text file by using the Import button Click Next to proceed to the next step Step 3 Select Permissions Access Control Entries Select permissions Access control entries to copy accounts to the sel
117. FEATURES cronni ai e E O S A E R 516 How to CUSTOMIZE TICIOS 2 asacsndsieassusivoacvedsvsessierevsvesuiadsucduteua ve a N a 517 HOW TO ADDIY Eter caa A A N O E A E aA 518 Howto REWMES NO Abas aicoasvoudcotenes cuneetccnteres caueacecuavautecuussudsandencedvacuvadedseusudevodcoudeautenus convenascceseous cusmouncsueesunceunes 520 HOW TO EX DOr data ramona A OT 521 Howto E maibldata saisir A N N 523 HOW tO TING Catala TEDORC r acsana nann A OES 527 SCAN PROEIRES MANAGER tices iain saee recess cucinatenalce ts A E A 529 About Scan Profiles Computers ssessessesseosesseoseosecssoesseesesseosecseoseoseossossosssesseoseosecsecsecssossoescescessessessecseossosesese 530 How to create Scan Profiles Computers sssssssssoesoessessessesseoseosecssossossosssesceosecsecseosecssoseoessesoesseosecseosecseoseoese 531 How to manage Scan Profiles Computers esssssssesoessessesseoseoseoseossossossoessessessecsecseosecssossossoessessessecseosecssoseoese 536 How to apply Scan Profiles Computers in NTFS Security Auditor Module ccsccssccssccsscccsscesccesccescceccesces 538 How to apply Scan Profiles Computers in NTFS Security Manager Module csccssccssccsscccsscesscesccescescceeces 540 About Scan Profiles Users Groups ssssssssesssesssesosesoseeossssssesosesosssosseosseosseossesssesosssosesosseossessssossesosesosseosssosseee 543 How to create Scan Profiles Users Groups sssssesssosesosssosss
118. Folder Execute File PHOENIX Domain group PHOENIX Administ Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX Enterpris group PHOENIX Administ Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX TestGrot group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOEN Ix TestGro4 group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGrot group PHOENDX adminus Explicitly assigned Traverse Folder Execute File PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENDX TestGrot group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGro group Explicitly assigned Traverse Folder Execute File DIIT TAN Cantar Nr Alinna Demnlirith anninnad Traenrenan Cnldar I Denman Cila l 73 Chapter 3 NTFS Security Auditor List of effective permissions for specific users and groups on folders This report lists the effective permissions assigned to
119. Folder Options 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Files that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want files with identical permissions as the parent folder reported then select Do not display files that have same permissions as the parent folder option This option will not report files with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 321 Chapter 4 NTFS Security Manager Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 You can use Customize option to exclude some of the fields from the report as displayed below Fields E Full Path Folder Path Sub Folders E Owner UserGroup Name F Account Type Type Inherited amp Explicit Effective Permissions 7 Select the customize options as required and click OK 8 Click Next to proceed to the Next step 322 Chapter 4 NTFS Security Manager Step 4 Additional report settings pi Power Export Built in Reports
120. Group Account s Select user andor group accounts For which you would like to view the permissions on files folders Enter account name jem Add to list oe Accounts fram damainiserver Browse and Select Accounts from Scan Profiles Userssroupsy Frequent SCANS ka rit S lected Accounts Adventure adminuser Account Name Account Type Remove Reset 4Adyventure 4lan Adventure Alex Adventure Michael Builtin 4drmninistrators e Inthe succeeding steps select needed details for generating reports for selected users and groups Scan Profiles Users Groups and Power Export Tool off line report generation You can apply a Scan Profile Users Groups to permissions reports using Power Export Tool for off line generation standard Reports wal Shares and Resources scheduled Tasks e Click on button in the toolbar e Select any one of the permissions reports listed above and click Next to proceed e Inthe next step select the option Select a Scan Profiles Users Groups as shown below 553 Chapter 6 Scan Profiles Manager z Power Export Built in Reports Step 2 of 6 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile UsersAsroups to retrieve available users and groups fram Report Mame List of permissions For specific users and groups on folders Enter account name ems Add to list Ci Accounts from domainiserver Browse and Select Accounts
121. IN Replicator Local Group BUILTIN Wsers Local Group PHOENIX Administrator User PHOENIX adminuser 1 User PHOENIX adminuser4 User e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups 1 Select the user or group for which you wish to run the permissions report The selected users will be added to the wizard as shown above 3 Click Next to proceed to the Next step 266 Chapter 3 NTFS Security Auditor Step 3 Shared Folder Selection A Power Export Built in Reports Step 3 of 7 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of permissions for specific users and groups on files UNC Path Folder Path Indude sub fold Folder level WARD 10 TestShareFolder True All Exclude inherited permissions 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Files that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However i
122. ISCOVERY DISCOVERY IUSR_RD46 d i Domain Controllers DISCOVERY MailUser1 gH Ross DISCOVERY adminuser G E WRD46 nokia DISCOVERY abraham fat WRD46 ARKAD Ser DISCOVERY test Accounts Advanced Permissions AccountName ACEType Inherited RDS tas BUILTIN Administrators Allow Ee WAD46 Share folde DISCOVERY Domain Allow ga WRD46sony DISCOVERY Enterpris Allow E8 WAD46 test group DISCOVERYNIUSR RF Allow ES WAD4S new DISCOVERY Maillser1 Allow EE WRD4S Exchangell DISCOVERY adminuser Allow WAD46 E fective DISCOVERY abraham Allow ES WRD46 BMW share DISCOVERY test Allow E8 WRD46 Example BUILTIN Administrators Allow a8 WRD46 Resources E8 WAD4B Exchanged PNn4FiParmiesinns T Allow Inherited pemissions from the parent a BS to propagate to this abject Curent owner BUILTIN Administrators oe 134 Chapter 3 NTFS Security Auditor Select Scan Profiles Computers and follow the steps below e Select one or more servers to enumerate its shared folder file e Select a shared folder file path CREATOR OWNER NT AUTHORITY SYSTEM BUILTIN Administrators Sean Profiles Computers BUILTIN Users 6i Share Server d DISCOVERY Special permissions O AAAA R Accounts Advanced Permissions Account Name ACETyp Inherited CREATOR OWNER NT AUTHORIT SYS MarS BUILTIN Administrators EE WRD46 s0ny BUILTIN Users EE WRD46 test group BUILTIN Users EE WRD46 inew BUILTIN Administrators Ee
123. If the share already has some accounts with permissions like Allow Read and Write and if the same existing accounts selected with permissions Deny Modify to Copy Permissions then this option will replace the existing accounts previous permissions Allow Read and Write with new permission Deny Modify Otherwise if the selected account not exist in the share permissions list then it will add into the permissions list Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files This option will copy permissions to the target object s subfolders and files that do not have inherited permissions from its parent object with respect to the above options Note If this option is checked the subfolders and files must have the applicable rights for the owner or the currently logged on user to perform this operation Example If the target share has some subfolders and files with the blocked inheritance then this option will copy permissions based on the selected options Remove all existing accounts and replace with the selected accounts and permissions This option will remove all existing accounts that have explicitly assigned permissions for the selected target shared folder s file s and replace them with the selected accounts and permissions Note that this will not remove inherited permissions from parent folder Caution All existing account permissions will be cleaned up completely and the new
124. NER PHOENIX adminus Well Known Sid User Active Allow Full Control Full Control Subfolders andfiles only This folder subfolders and files Chapter 3 NTFS Security Auditor List of folders that have Deny permissions set both Explicit and Inherited This report allows you to view Deny permissions assigned to folders Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of folders that have Deny permissions set both Explicit and Inherited Step 1of3 Select Report Select a report from the list of Security Vulnerabilities Reports Description This report lists Deny permissions assigned to Security Vulnerabilities List of all explicit permissions for folders E List of folders with broken inheritance and their permissions folders B List of permissions for orphaned accounts on folders List of permissions for disabled user accounts on folders g List of permissions for accounts having destructive access on folders E List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders List of folders that have permissions for Everyone group Click Next to proceed to the next s
125. NTFS Security Management Suite NTFS Security Management Suite 2014 Copyright 2014 Vyapin Software Systems Private Limited All Rights Reserved Email support vyapin com Web wwwvyapin com Last Updated June 2015 Copyright 2014 Vyapin Software Systems Private Limited All rights reserved This document is being furnished by Vyapin Software Systems Private Ltd for information purposes only to licensed users of the NTFS Security Management Suite 2014 software product and is furnished on an AS IS basis that is without any warranties whatsoever express or implied External Data Connector is a trademark of Vyapin Software Systems Private Ltd Information in this document is subject to change without notice and does not represent any commitment on the part of Vyapin Software Systems Private Ltd The software described in this document is furnished under a license agreement The software may be used only in accordance with the terms of that license agreement It is against the law to copy or use the software except as specifically allowed in that license No part of this document may be reproduced or retransmitted in any form or by any means whether electronically or mechanically including but not limited to the way of photocopying recording or information recording and retrieval systems without the express written permission of Vyapin Software Systems Private Ltd an WAVYAPIN Vyapin Software Systems Private Limited
126. Path Indude sub folders Folder level Add From VRAD 10 WNEW TEST FOLDER True All WRD 10 NEW TEST FOLDER SHARE True All a VAD LOWNtts test folder permissions True All WRD 10 Test folder permissions True All Dai Do not display files that have the same permissions as the parent folder Edit Folder Options F E Include files present inside folders Set Search Pattern Cancel You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can use Customize option to exclude some of the fields from the reports as displayed below 151 Chapter 3 NTFS Security Auditor Fields E Full Path Folder File Path Object Type Folder File Name Permissions Access Control T
127. S ADVENTURE adminuser Allow feet WRD4S E Tf supp folder Eg WRD49 ExchangeOAB Allow Inherited permissions from the parent foe WRDASIFS to propagate to this object Foe AOO Curent owner BUILTIN Administrators ea WANES 433 Chapter 4 NTFS Security Manager e Check the permissions you want to add and uncheck the permissions you want to remove in the permissions column e Click the button Apply to update the basic permissions for the selected account Caution If all the permissions are unchecked the account will be completely removed from the ACE list Permissions Modifier Grant permissions Accounts Basic Permissions Permissions g Add Domains Refresh ADVENTURE alec Full Control seen No Share Profile found Configure OVENTURE Martin Modify Domains ADVENTURE alex Read and Execute List folder c 4a ADVENTURE T ADVENTURE Robin Read 5 ay Domain Controllers ADVENTURE Richarc Wirte SM Rs BUILTIN Administrators Special permissions dB wu NT AUTHORITY SYSTEM Ee WRD49 22 fd MRD4SAddress Accounts Advanced Permissions Pg WRD49 admin folder Account Name ACEType Inherited EE WRD4S ADMINS ADVENTURE alec Allow No Eg WRD49 basic per ADVENTURE Martin Allow No Es WAD49 Bulk Test folder ADVENTURE alex Allow No ae WRD49 Bulk test folderi ADVENTURE Robin Allow No Es WAD4S BulkTestwWithOu ADVENTURE Richard Allow EE
128. S Security Auditor DAC Reports Effective DAC permissions for specific users and groups on folders Step 3 of3 Selec folder paths from a view an properties for scann da Add Domains Folder Path Wrd12 Test Wd 12 Testfolder Wrd12 Users e Use Select a Profile option to use the shares added in the profile 104 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for specific users and groups on folders Step 3of3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Folder Path wd12 Test VWRD12 Test folder for NTFSSA Wwd 12 Testfolder Wred12 Users You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path Vd 12 Test Indude sub folders Traverse only 1 l
129. ST FOLDER m Do not display folders that i same permissions as the p se 38 Chapter 3 NTFS Security Auditor Built in Reports List of permissions for specific users and groups on folders Step 30f3 Select Shared Folder s Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile 0 Folder Path Indude sub folders Folder level RD10 NETLOGON True All YRD10NEW TEST FOLDER True All YRD10 NEW TEST FOLDER SHARE True YRD10NTFSTESTFOLDER True All FI Do not display folders that have the same permissions as the parent folder W Include group members L Include SID Indude group membership Exclude inherited permissions You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in
130. Scan Profile UsersGroups Select User Group Account s Select the User andor Group accounts for which wou would like to create a profile Profile Hame Account Hame Add Accounts from domainserver Browse and Select Selected Accounts Account Hame Account Type Remove 1 Enter a name for the profile 2 Use the Browse and Select button to enumerate users groups from servers or Scan Profiles Computers as shown below 545 Chapter 6 Scan Profiles Manager Wiew and Select Accounts UsersGroups available from computers displayed below eee Scan Profiles Computers arenaen Domains il DISCOVERY i PATHFINDER H fm Domain Controllers 3 You can enter users groups name and add to the selected account list for creating a profile Enter the users groups name in Domain User Name format and click the Add button to add the entered account to the list as shown below 546 Chapter 6 Scan Profiles Manager Je Scan Profile Users Groupsi Select User Group Account s Select the User andor Group accounts for which wou would like to create a profile Profile Name Sample Profile Add Accounts Account Name ADVENTURE Adminuser Accounts From domain server Browse and Select Selected Accounts Account Mame Account Type 547 Chapter 6 Scan Profiles Manager de Scan Profile Users Groups Select User Group Account s Select the User andor Group accounts for whic
131. Scan Profiles Manager About Scan Profiles Users Groups You can setup Scan Profiles Users Groups to scan a subset of users groups present in computers and save these profiles for repeated use useful for repeatedly scanning and reporting on different subsets of users and groups permissions on share folders For more information about Scan Profiles Users Groups follow the links given below e How to create Scan Profiles Users Groups e How to manage Scan Profiles Users Groups e How to apply Scan Profiles Users Groups 543 Chapter 6 Scan Profiles Manager How to create Scan Profiles Users Groups Perform the following steps to create a Scan Profile Users Groups Shares 1 Select a from the Configuration tab This action will launch the Scan Profiles Manager Users Groups dialog as shown below J Scan Profile Manager Users Groups fou can setup Scan Profiles Users Groups to scan a subset of users in servers and save these profiles for repeated use This window lists available profiles Click New to create a new profile Click Edit to modify selected profile Click Delete to delete a profile Click Preview to view the contents of a profile Frequent Checks Restricted sers Roaming Users 544 Chapter 6 Scan Profiles Manager 2 Click New button in the Scan Profiles Manager Users Groups dialog This action will launch the Scan Profiles Users Groups dialog as shown below J
132. Scan Profiles Manager IQ Refresh ag Export Er E mail From 4 29 2015 J To 5 25 2015 er Generated on 29 May 2015 05 15 44 PM Task Name Share Path lt Grant permission 5 79 2015 5 15 36 voyager glory wrd40 TestShare 5 29 2015 5 15 09 voyager adminuse rd40 TestShare 5 29 2015 5 14 08 VOYAGER gary VO 5 29 2015 5 12 42 voyager david vo 5 29 2015 5 11 56 voyager adminuse Wwd40 testshare View Grant Pemissions Status Success Selected Options This folder subfole Permissions Read Read and Execute Allow This folder subfalg Add the new permi This folder subfale Read and Execute er This folder subfole ee Add the new permi Add the new permis 7 Add the new permi Select required From and To dates Select Revoke Permissions in the View option Then click Show History button The Revoke Permissions history will be displayed as shown below a Refresh p3 Export Eyl E mail From 1 13 2013 To 2 12 2013 fr Generated on 2132013 2 19 00 PM Account Share Path Mame Task Name Date and Time lt Revokepermissig 1 29 2013 12 16 41 discovery test 1 29 2013 11 57 28 discovery adminus rd46 copy test Read Wrd46 copy test Read show History Status Success Selected Permissions Access Type Allow Revoke aselected Revokeaselected Tz Select required From and To dates Select Copy Permissions in the View option Then c
133. Select user group account s Select the user andor group accounts For which you would like to grant permissions on shared Folder si File si Account name jens Add to list o Accounts from domain server Browse and Select Accounts from Scan Protiles Userssroups ss Frequent Accounts o Selected Accounts Account Mame Account Type ACVENTURE alec User S0VENTUIRE Angelo User 40VENTURE James User 40VENTURE michael User Back Merck Cancel Click Next to proceed to the Next step Step 3 Select Access Control type and permissions Select ACE type and permissions to grant for the selected accounts on the selected shared folder s files s 351 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 3 of 6 Select Access Control type and permissions Select the access control type and permissions to grant For the selected accounts on the selected shared Folder s filets Fermizsions s Full Control Modify W Read and Execute List folder contents W Read Write Advanced Permissions Traverse Folder Execute File List Folder Read Data V Read Attributes W Read Extended Attributes Mr Create Folders npend Data Access Control Type Allow Deny Apply onto This folder subfolders and files Apply these permissions to objects and or containers within this container only Back Merck Cancel Click Next to proceed to the next step
134. Settings NTFS Security Management Suite 2014 may be configured to use either MS Access MDB or SQL Server database for its data storage to generate reports If you choose SQL server NTFS Security Auditor module requires an SQL Server running SQL Server 2005 2008 2012 Enterprise Standard Express editions to connect and create a new application database NTFS Security Management Suite 2014 will connect to the specified SQL Server based on authentication mode and user credentials to manage its own application database You can access the Database settings by clicking Configuration gt Configuration Settings menu in the NTFS Security Management Suite 2014 main application window and choose Database settings as shown below Configuration Settings E Select an option for storing the application data either in MS Access or SQL server f you choose SQL server enter a ii SQL server running SQL Server 2005 2008 201 Enterprise Standard Express edition and the user credential having sufficient privileges to connect create and delete database in the specified SQL server ig General if Domain Credentials Se a User Connection Profiles Use MS Access SQL Server Rd2 eg MSSQLSRV1 Database Option Ey Email Settings I ij Database Settings nes a NTFS Security Manager a NTFS Security Audit Use a single central database for all instances of the application Faeres EC r of Use a separate databa
135. Share Folder File Folder File Mame Path Mame Type BUILTIN Adminis BUILTIN Adminis Allow Full Folder BUILTIN Adminis BUILTIN Adminis Allow BUILTIN Adminis BUILTIN Users Allow Folder File Ovyner User Mame Security Inherte Apply To ADChangeT WW RO4 S ACH os ele yelp 40 Changetrack 40 ChangeTrack This Folder only This Folder subFol Folder This Folder and su This Folder subFol Subfolders and fil 40ChangeTrack Folder BUILTIN Adminis BUILTIN Users Allow 40Changetrack Folder BUILTIN Adminis CREATOR OWNER Allow Address 4ADChangeTrack 40 ChangeTrack 40 ChangeTrack 40 Changetrack 40 ChangeTrack WRD4S 4addre Address Address Folder File File File File Folder Folder BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis BUILTIN Adminis NT AUTHORITY BUILTIN Adminis BUILTIN Adminis BUILTIN Users NT AUTHORITY BUILTIN Adminis BUILTIN Adminis Allow Allow Allow Allow Allows Allow Allow This Folder subFol This Folder only SubFalders and fil Chapter 3 NTFS Security Auditor DAC Reports About DAC Reports How to view the effective DAC permissions for specified accounts How to view the effective DAC permissions for the selected set of shared folder How to view the Central Access Polici
136. Specdfy an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As researchiab admin Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step 239 Chapter 3 NTFS Security Auditor Step 5 Summary Step 5 of 5 Summary Click Finish to save the task details C Users Public Docume Shares and security Management Click here to view ae 20144 Export Standard Micheal Reseachlab co eee ee i Resources Shares This step displays the summary information of the task Click Finish to save the task details The task will be added to Windows Schedule Tasks and will be displayed in the Scheduled Tasks Manager Window as shown below 240 Chapter 3 NTFS Security Auditor Task Name Standard Reports Task RESEARCHLAB adminusers Report Type Server Report Exported Files Click here to view Schedule At 11 22 AM every day starting 5413 20144 5 Export Export Folder Report Name Servers Domains AS Export Path Task Name C Users Public Documents NTFS Click here to view Security Management Suite Micheal Gre 2014 Export Standard Reports Task Shares and Resources Shares 241 Chapter 3 NTFS Security Auditor Schedule Built in Repo
137. Step 4 Apply the required rules to be used while assigning permissions Select which rules to apply while assigning permissions 352 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected pemissions to the existing permissions list f the selected account already exists in the permissions list Add the new pennissions to the account s existing pennissions eG Replace the account s existing penmissions with the new permissions oe E Also apply the above to subfolders and files that do not have inheritance set non nherted folders and files ri Remove all existing accounts and replace with the selected accounts and permissions d E Replace all child object existing permissions with inhentable permissions from this object Ci Back Next Cancel Add the new permissions to the account s existing permissions option will add the selected permissions to the existing permissions list and also it will not affect the existing permissions You may also use the below options to grant permissions and also apply inheritance by Inheritance rule e Replace the account s existing permissions with the new permissions e Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files e Remove all existin
138. Step 4 of T Additional report settings Select additional report settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail E mail Settings Highlight Errors Access is denied F The specified network name is no longer awailable E The specified path file name or both are too long Indude errors as part of the report E Highlight Items Permissions Accounts i F Blocked Inheritance F Full Control E Modify F Delete Indude group members information ss ss 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be
139. TFS Security Manager Grant Permissions About Grant Permissions How to Grant Permissions for selected Shares How to reuse the Grant Permissions templates 339 Chapter 4 NTFS Security Manager About Grant Permissions The Grant Permissions feature allows you to grant permissions to the Share permissions You can use many options like Add the new permissions to the account s existing permissions Replace the account s existing permissions with the new permissions etc You may select options to Allow Block inheritance from the parent object and also Replace all child objects existing permissions with the inheritable permissions from this object while granting permissions for accounts Here is the list of actions you can perform using the Grant Permissions feature Note This feature will not break the inheritance from the parent of current object If you still wish to break the inheritance from the parent object you may use the option Block Inherited permissions from this object s parent to block inheritance Grant permissions for selected Shares How to Grant permissions for the selected accounts to the selected shared folder s file s permissions list Replace existing accounts permissions with the new permissions How to Replace the existing accounts permissions If an existing account is selected to grant permissions to a shared folder Also apply the above to subfolders and files that do not have inheritance
140. TURE Domain Controllers RD49 Eg WRDASI2 Ea MRD4922 E WRD49 Address ES WRD49 admin folder fad WRD4S ADMINS fae WRD49 basic per EE WRD49 Bulk Test folder EE WRD49 Bulk test foldert foe WRD49 BulkTestWithOu fad WRDASNCS fag WRD4S DS Ea WRDASNES ad WAD4Q E ff supp folder foe WRD49 ExchangeOAB fed WRD4S FS eat WANES Accounts Basic Permissions ADVENTURE alec ADVENTURE Martir ADVENTURE alex T ADVENTURE Robin ADVENTURE Richard BUILTIN Administrators NT AUTHORIT SYSTEM Accounts Advanced Permissions Account Name ACEType Inherited aa ADVENTURE alec ADVENTURE Martin ADVENTURE alex ADVENTURE Rabin ADVENTURE Richard BUILTIN Administrators NT AUTHORITYSSYST ADVENTUREadminuser Allow Allow Allow Allow Allow Allow Allow Allow No No Mo Mo Mo Yes Yes Yes Current owner BUILTIN Administrators Allow Inherited pennissions from the parent to propagate to this object Permissions Full Control Modify Read and Execute List folder Read Write Special permissions Traverse Folder Execute File List Folder Read Data Read Attributes Read Extended Attributes Create Files Write Data Create FoldersyAppend Data Write Attributes Write Extended Attributes Delete Subtalders and Files Delete Read Permissions Change Pennissions SSS oo 3 9 0 a 0 o 0 0 a a a Ss Opoo ppppopcgcpoponn onon np T
141. This will not affect the accounts which are inherited from the parent of the current object If you still wish to break the inheritance from the parent object you may use the Grant Permissions or Modify Permissions tool to block inheritance e Revoke a selected set of accounts and their permissions from the selected shared folder s file s This option will revoke the selected accounts and their permissions from the shared folder s file s permissions list In this option you can selectively revoke a set of permissions granted to accounts 376 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Select any one of the options bo revoke permission entries From the shared Folder si Filefs Revoke all existing accounts and their permissions from the selected shared folder s file s oe Revoke a selected set of accounts and ther permissions from the selected shared folder s fle s oe Merck Cancel 377 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Select any one of the options to revoke permission entries From the shared Folder s file s Revoke all existing accounts and ther permissions from the selected shared folder s fle s oe Revoke a selected set of accounts and their permissions from the selected shared folder s file s A Merck Cancel Click Next to proceed to the Next step Step 2 Select shared folder s file s Select shared folder s file s by using any of the inpu
142. Traverse Traverse Folder This folder only BUILTIN Server Op Group Allow Read and Execul Subfolders andfiles only This folder only CREATOR OWNER Cees cams ei aa Full Control Subfolders andfiles only NT AUTHORITY Au Well Known Sid Allow ead and Execul Subfolders andfiles only This folder only NT AUTHORIT Well Known Sic Allow Full Control Subfolders andfiles only This folder only PHOEND Administ User Active Allow Modify This folder subfolders and files This folder subfoldersand files PHOENDX adminus User Active Allow Modify This folder subfoldersand files Modify This folder subfolders and files This folder subfoldersand files RD10 NEW TEST F NEW TEST F Folder PHOENX adminy PHOENDX Administ User Active Allow ull Control This folder subfolders and files PHOENT adminus User Active Allow Modify This folder subfolders and files 189 Chapter 3 NTFS Security Auditor List of folders with broken inheritance and their permissions This report allows you to view the list of folders where inheritance is broken and the assigned permissions N Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of folders with broken inheritance and their permissions Step 1of2 Select Report Select a report from the list of Security Vulnerabilities Reports
143. URE michael User Back Merck Cancel Click Next to proceed to the Next step Step 3 Select Access Control type and permissions Select ACE type and permissions to grant for the selected accounts on the selected shared folder s files s 406 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 3 of 6 Select Access Control type and permissions Select the access control type and permissions to grant For the selected accounts on the selected shared Folder s filets Fermizsions s Full Control Modify W Read and Execute List folder contents W Read Write Advanced Permissions Traverse Folder Execute File List Folder Read Data V Read Attributes W Read Extended Attributes Mr Create Folders npend Data Access Control Type Allow Deny Apply onto This folder subfolders and files Apply these permissions to objects and or containers within this container only Back Merck Cancel Click Next to proceed to the next step Step 4 Apply the required rules to be used while assigning permissions Select which rules to apply while assigning permissions 407 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected pemissions to the existing permis
144. User Ef Explicit and Inherited Perm p Eat Task Delete Task The task summary includes information about the task information reports selected export print settings To view the selected servers domains for a report in the task click on the hyperlink in the Servers Domains column in the right pane The Selected Servers Domains window will be displayed as shown below 229 Chapter 3 NTFS Security Auditor Domain Mame Server Hame PATHFINDER RDH PATHFINDER ROS View exported files To view the reports generated and exported by the task perform either one of the following steps e Select Scheduled Tasks node on the left pane and then click on the hyperlink in the Exported Files column in the right pane for the desired task OR e Select the desired task on the left pane and then click on the hyperlink next to Exported Files Edit Task Select a task from the Scheduled Tasks Manager Window and Click Edit Task Perform the steps as in Schedule Shares Folders and Files or Schedule Built in Report based on the scheduled report type While proceeding through the wizard you may change the settings add a new report delete a report edit a report change the export path etc The new settings will be used when the task runs the next time Delete Task To delete a task from the Power Reports Task Manager Window select the task and Click Delete Task The deleted task will be removed permanently from the Wi
145. V file format the information is stored as comma separated values For each report a CSV file will be generated The name of the CSV file will be the name of the report and is stored in the specified destination path if Export to time stamped folder option is cleared or under a sub folder of the form YYYY MM DD HH MM SS under the specified export path if Export to time stamped folder option is set In SQL table format the information is stored as SQL tables in the application database in the specified SQL server based on the selected SQL database option For each report a separate table will be created The name of the table will be the name of the report In HTML and XLSX file format the information is stored in the html and xlsx file respectively For each report a HTML file will be generated The name of the HTML file will be the name of the report and is stored in the specified destination path if Export to time stamped folder option is cleared or under a 521 Chapter 6 Scan Profiles Manager sub folder of the form YYYY MM DD HH MM SS under the specified export path if Export to time stamped folder option is set 522 Chapter 6 Scan Profiles Manager How to E mail data NTFS Security Management Suite provides the option to e mail the reports generated Click Sap E mail button in the toolbar to e mail the report to e mail recipients E mail dialog will be displayed as shown below e E mail Report Specify
146. View and select Shares and Folders available From computers displayed below ee From a text File Share Falder UNC F H E Domain Controllers ao SccnrdfiesiShart s8 Servers Workstations 2 Hi RDA Folder Path O H RDA Add From H RDSI Import oe Remove H WSSLAB C Apply to all the si c YSSPRO Include files pres Back Hert Cancel e Use Select a Scan Profile Shares option to use the Shares added in the profile 486 Chapter 4 NTFS Security Manager Revoke Central Access Policy Step 1 of 3 Select Shared Folder s File s Enter the full path of a shared Folder file Click Add From to load the list of shares Inport to import a list of UNC Folder paths From a text File ShareFolder UMC Path Add ri Scan Profiles Shares test shares w oa Folder Path Domain name Add From WADSTANTFSSM Test VOYAGER i WADI TT est folder VOYAGER Import oo Remove Apply to all the sub folders Include files present inside folders Back Next Cancel You may also type the UNC path of a folder that is not in the list such as a folder that is shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button e Apply to all the sub folders This option will revoke central access policy from all sub folders of the selected folders as specified in this wizard Include files present inside folders This option
147. Wsers Scan Profile ha Folder Path 3 V Do not display Bal RESEARCHLAB C Include files pr 160 Chapter 3 NTFS Security Auditor Power Search Wizard Permissions SACL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level Add From VRD 10 NEW TEST FOLDER True All WRD 10 NEW TEST FOLDER SHARE True All VAD IO WNtfs test folder permissions True All VAD 10 Test folder permissions True All Do not display fles that hawe the same permissions as the parent folder Customize Edit Folder Options E Include files present inside folders Set Search Pattern You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with i
148. a T TEE E EENE E E EE 183 POWER EXPO Sossarna aa E a L EEan 227 ADUT POWE EXDO osr T T T T O 228 Scheduled TaSKSiIViaha SON ccecctaensatcoa acc a a a inact eeeaateaenacee 229 Schedule Shares Folders and Files REDOC cccccccsssccccssscccssecccescccseuscecsensesseaesecseecesaueeeessueeeeseuseesseesessaaess 233 SCHECAUIE BUNT REDOMS eraa iuuseseat siege ennui deateator adnan teas staaveananeeteotelacesaimetuniates 242 NTFS SECURLEYIMIANAGER ais ccioniatvisentarncaniosuteunberonaahoomiantannianiasveas esas peanutastaiessiauieedisences 338 Grant PermisSiONns siconr a acdh cuseead ee cucnca eve ceuctens bance aeaa 339 ADOUE Grant SlMIISSI ONS asda a a Nace deuansdascus ods dau tncesa Ris aN dautucosadea vache auimsenntuakee 340 HOW to Grant Permissions fOr selected Shares sires ood acsscad dene dey a A TN T 347 How to reuse the Grant Permissions template siaciandencceicivecassaitca cee eeel vacutaea varvacdeuadh banca usa eeeedsetecanes vaca enacanons 358 REVOKE PELMISSIONS 5ici05 ce6 su snorre O S N OA EENE A AEE 360 PDOUUIREVOKE PES OS sa ai afte Foie alee oa a ata a E is 361 How to revoke permissions from the selected shares permissions list c cssecccccesssecceceeeseceeceeeeeceeeaeneeeesseees 376 How to reuse the Revoke Permissions template cccsseccccssscccceesccceescecceecccseecesaeeeceseaeeessescesaeeseeseesessaaeeess 393 Modify PERINISSION S ens E 395 How to view the share permissions ccccsseccccssscccces
149. a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Folder Levels Include upto 3 aird level of sub folder s in the shared folder Include only 1 St level of sub folder s in the shared folder gt Include folders after 1 St jevel of sub folder s in the shared folder gt Include only leaf modes in the shared folder Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level 215 Chapter 3 NTFS Security Auditor Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folde
150. a report and Click Edit Criteria or Double Click the report 2 The Criteria Settings window will be displayed as shown below Criteria settings Report List of Shares Share Type Sh 5 Cancel 331 Chapter 4 NTFS Security Manager 3 Specify the criteria to filter the report data using the checkboxes 4 Click OK in Criteria Settings window to go back to the wizard 5 Adescription of the selected criteria will be displayed under Criteria Description as shown below ai Power Export Built in Reports Step 3 of6 Report Criteria Optional You may specify a criteria for each of the following reports to fiter data Click Next to keep the current criteria as described under Criteria Description or click Edit Criteria to modify it J Server R eports Criteria Description E List of Shares Share Type Folder Share OR Share Type Admin Share H E List of Shares with permissions F Edit Criteria lt Back Wext Close 6 Click Next to proceed to the Next step 332 Chapter 4 NTFS Security Manager Step 4 Delivery Options A Power Export Built in Reports Step 4of6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path tamped folder in the format yyyy mm dd hh mm ss under the
151. aaar F An TS Herr IET FT EY i FPOWEr Search Wizard Permissions LALL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder i gt paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level 139 Chapter 3 NTFS Security Auditor Power Search Wizard Permissions DACL Step 1 of 4 Select Sbseed Ealdarfci _ File Enter the full pati paths from a texi y properties for sca jew and select Shares and Folders available from computers displayed below Share Folder UNC Domain Controllers d RD10 C WRD10 ADMINs LJ Romes L WRD10 WETLOGON WARD LO WEW TEST FOLDER WRD10 MEW TEST FOLDER SHARE VAD 10 Ntfs test folder permissions _ WRD10 WTFSTESTFOLDER 3 L Web 10 sysvoL E YRD 10 Test folder permissions E YRD 10 TestShareFolder VRD10Wsers Scan Profile ha Folder Path 3 V Do not display Bal RESEARCHLAB C Include files pr 140 Chapter 3 NTFS Security Auditor Pon Search Wizard Permissions DACL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder C
152. all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders EBB List of effective permissions for users and groups on files List of effective permissions for specific users and groups on folders B List of effective permissions for specific users and groups on files 301 Chapter 4 NTFS Security Manager 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 Shared Folder Selection x Power Export Built in Reports Step 2 of 6 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of effective permissions for users and groups on files UNC Path Scan Profile Shares Select a Profile ao Folder Path Indude sub fold Folder level VRAD 10 TestShareFolder True All W Do not display files that have the same permissions as the parent folder Edit Folder Options Exclude Accounts Ja i T Game 1 Select the desired folder s for which you wish to run the perm
153. an Profile Users Groups to retrieve available users and groups from Report Name List of permissions for specific users and groups on folders Account name ay Add to list oe Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt Mo Profile found gt a o Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Replicator Local Group PHOENIX Administrator User PHOENIX adminuser 1 User PHOENIX adminuser3 User PHOENIX adminuser5 User e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups 1 Select the user or group for which you wish to run the permissions report The selected users will be added to the wizard as shown above 3 Click Next to proceed to the Next step 246 Chapter 3 NTFS Security Auditor Step 3 Shared Folder Selection A Power Export Built in Reports Step 3 of 7 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of permissions for specifi
154. an Profile click Edit button in the Scan Profiles Manager The Scan Profile Dialog will appear on the screen which will allow you to edit the selected Scan Profile During edit operation you can modify the computer list however you cannot modify the type of the Scan Profile Delete a Scan Profile To delete a Scan Profile select the profile you want to delete and then click Delete button The selected Scan Profile will be deleted permanently Please note that reports associated with the Scan Profile deleted may fail to run when generated Preview the list of computers in a Scan Profile To preview the list of computers in a Scan Profile select a Scan Profile and then click Preview button The computer list will be displayed in a tree view as shown below Preview Test Servers a PATHFINDER m pps The Preview window shows the list of domains and computers selected in the Scan Profile if the computer list was either imported or selected from the network Whereas if specific Windows versions were selected then only the computers that match the selected Windows versions will show up Furthermore if specific domains were associated with the Scan Profile then only the selected domains will show up otherwise all the domains in the network will show up The Preview window allows you to view what computers in the network will be included in the profile 537 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Com
155. and a to propagate to this abject ere ak Se ee PoP Po io 6 wpnaswes H e Click the option Remove to Remove the permission entries that were previously inherited from the parent and keep only those permissions explicitly defined granted this current shared folder s file s e The updated permissions list after removing the inherited permissions from the parent object as shown below 431 Chapter 4 NTFS Security Manager z Accounts Basic Permissions Permissions Add Domains Refresh ADVENTURE alec i lt No Share Profile found Configure ADVENTURE Martin ADVENTURE alex Gi ADVENTURE ADVENTURE Robin 5 4 Domain Controllers ADVENTURES Richard a8 RD49 G E Wro E WAD49 Address Accounts Advanced Permissions foe WRD49admin folder AccountName ACEType Inherited fae WRD4S ADMINS ADVENTURE alec E8 WRD49 basic per ADVENTURE Martin E8 WRD49 Bulk Test folder ADVENTURE alex ae WRD49 Bulk test folderi ADVENTURE Robin ea WAD49 BulkTestWithOu ADVENTURE Richard E8 WRD4S CS fae WRD4S DS fae WADAS ES foal WAD4S EFf supp folder Curent owner BUILTIN Administrators Apply onto Select Applyonto option fae WRD49 ExchangeQAB 2 Allow Inherited pennissions fram the parent a 5 F Fi fad WRD4S FS to propagate to this object Apply these permissions to objects andor containers within this container only
156. apter 3 NTFS Security Auditor How to view permissions of folders in a share k m Folders Clic tab The Folders and Permissions dialog appears ta shares and Resources Folders RO45 Q Refresh Export Y Filter FE Customize Folders and Permissions al Enterprise SHARES 4 Shares M HG Select shares ADChangeTracker _ Address _ Bharath Source Code Backup _ Bulk export For patch G LJ meETLOGON RD45 LOG _ Resources E Support Include sub folders 1 7 Do not display Files that have the same permissions as the parent Folder Cancel You can view permissions of folder s in a share or for all the shares in the selected server by selecting All shares option or Select share s option respectively You can also optionally include the sub folder s information by selecting the Include sub folders option The sub folder s having permissions identical as the parent folder would be shown in bold text with Same as parent in both User Name and Security fields in the report If you do not want folders with identical permissions as the parent folder reported then select the Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder To view up to a certain level of sub folders select the
157. arch window allows you to perform the following operations e Create a new search e Run an existing search e Edit an existing search e Delete a search e Preview the settings of a search Create a new search 1 To create a new search click New button in the window The Power Search Dialog will appear on the screen 2 Follow the steps as outlined in How to create a power search report 169 Chapter 3 NTFS Security Auditor Run an existing search 1 To Run an existing search click Run button in the window The Power Search report window will appear on the screen and the report will be displayed once the data collection is finished 2 During edit operation you can modify the search inputs however you cannot modify the type of the Scan Profile Edit an existing search 1 To edit an existing search click Edit button in the window The Power Search Dialog will appear on the screen which will allow you to edit the selected search 2 During edit operation you can modify the computer list however you cannot modify the name of the search Delete a search To delete a search select the search you want to delete and then click Delete button The selected search will be deleted permanently Preview the settings of a search To preview the settings of a saved search select a search and then click View Details button The settings will be displayed in a window as shown below Power Search Reports This window shows t
158. are common to the specified shared folders Compare ACLs Wizard Step 2 of 2 Select shared folder s Select a baseline reference folder and a folder to compare using browse button Click Set subfolder levels to set the levels of subfolder s to read ACLs from Baseline reference Folder ROIO NWEW TEST FOLDER Browse Folder to compare RD10 TestShareFolder Browse EF PENEN f ee Indude sub folders eens T Exdude inherited permissions Click Finish to generate the compared ACLs report 175 Chapter 3 NTFS Security Auditor 2 Refresh Export lag E mail Baseline reference Folder RD10 NEW TEST FOLDER Folder to compare RD10 TestShareFolder Generated on 8 20 2014 7 17 08 PM Folder Path Access Type Inherited Apply To Change Type Read and Execute List Folder C Allow No Thisfolder subfoldersand fi Traverse Folder Execute File Allow No This folder subfolders and fi 0 o ee is This folder subfolders and fi Modified Permissions RD10 TestShareFolder PHOENIXTestGroup2 Read and Execute List Folder Allow No This folder subfolders and fi PHOENIXTestGroup List Folder Read Data Allow No This folder subfoldersandf PHOENDXtest_ Read and Execute List Folder C Allow __ No_ This folder subfolders and fil Modified Permissions User Name RDIOINEW TEST FOLDER NEWTEST FC See E ee Le EEE PHOENDOiest May Aow ndo This folder ules ae Maid Permissions PHOEND Domain Use Read and E
159. arent object then this option will remove the inheritance from parent object Click Next to proceed to the Next step Step 5 Save as template Enter a name and description to save these settings as a template for reuse later Grant Permissions Wizard Step 5 of 6 Save as Template Optional Enter a name and description to save the input settings as a template You may reuse this template later Template Marne Grant Permissions task Template Description a ies cone Click Next to proceed to the next step Step 6 Summary This step displays the summary of all the input data along with the selected options 410 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 6 of 6 Summary Shows the details of all inputs provided in the wizard Selection Summary Shared folder s file s 1 WRD4S Address 2 WRO49 Bulk Test folder 3 WRD4S Bulk test folderi 4 ARDANE supp folder 5 Wrd4o shared document 4 ADVENTURE michael Permissions Modify Access Control Type z Back Finish Cancel Click Finish to complete the Grant Permissions wizard Permissions will be granted as specified in the wizard The summary of all the input data would be shown below along with the option View change log to view the task completion status lt Grant permissions Report gt Selected Permission Entries to Grant Permissions Accounts S4OVENTURE alec ADVENTURE Angelo SOVENTURE ames
160. as shown below Qj Refresh s6 Export Ff Filter Sy E mail Find Report Details Report Name List of effective permissions for users and groups on folders Generated on 07 Jun 2014 11 41 29 AM Status Success Filter Not Applied User Group Member Sub Group nee we Folder Path Sub Follers Owner Account Type Members an roan a amp Effective Permissions RD10 Netlogon Netlogon BUILTIN Administral BUILTIN Administr Alias PHOENIX Administrator User Explicitly assigned Traverse Folder Execute File PHOENIX Domain Admins group PHOENIX Administ Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENDX adminus Explicitly assigned Traverse Folder Execute File PHOEN X adminus Explicitly assigned Traverse Folder Execute File PHOEN X adminus Explicitly assigned Traverse Folder Execute File PHOEN X adminus Explicitly assigned Traverse Folder Execute File PHOEN X Enterprise Admins group PHOENDX Administ Explicitly assigned Traverse Folder Execute File PHOENDX adminus Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup1 group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup1 gt PHOENIX TestGroup2 group PHOENDX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup2 gt PHOENIX TestGroup group PHOENIX adm
161. at focus solely on reporting the access permissions assigned to users and groups on objects such as folders etcetera em Shares and Resources Click on button under Built in Reports List of Permissions Reports Report Name List of permissions for specific users and groups Reports the folder permissions assigned to on folders specific users and or groups on a selected set of folders List of permissions for folders Reports the permissions associated with a selected set of folders List of permissions for specific users and groups Reports the files permissions assigned to specific on files users and or groups under a selected set of folders List of permissions for files Reports the permissions associated with files under a selected set of folders List of all permissions for folders Inherit amp Reports the permissions for users assigned in the Explicit folders directly and inherited by means of nested groups on folders seus groups for a set d BLACA on files me an groups for files NE ina aa of oie groups on folders E CC users and groups available in a set of folders List of effective permissions for specific users and Reports the effective permissions for specific groups on files users and groups for files available in a set of folders 34 Chapter 3 NTFS Security Auditor List of permissions for specific users and groups on folders This report allows you to view folder permissions for spec
162. ave the F Exclude Accounts Edit Folder Options same permissions as the parent folder 5 You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default If you want to exclude specific accounts from reporting select Exclude Accounts option Click Accounts button to launch Exclude Accounts window as shown below 71 Chapter 3 NTFS Security Auditor Exclude Accounts Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users NT AUTHORITY SYSTEM E BUILTIN Users Select the accounts which you want to exclude and click OK You can use Cust
163. browser service may not be functioning properly Aternatively you may use the Active Directory services for computer enumeration _ Indude files _ Indude Grow 220 Chapter 3 NTFS Security Auditor Security Vulnerabilities i List of Effective Access for specific user and groups on folders 2s Step 30f3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC a A folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the FEE default properties for scanning each folder Share Folder UNC Path SET Folder Path YRD 10 NETLOGON WRD 10 NEW TEST FOLDER YRD10 NEW TEST FOLDER SHARE RD10 Ntfs test folder permissions WAD 10 NTFSTESTFOLDER 4 Indude files present inside folders Set sub folder levels Indude Group members You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report You can select Include Group members option to include all the members of
164. c users and groups on folders UNC Path Folder Path Indude sub fold Folder level WARD 10 TestShareFolder True All Do not display folders that have the same permissions as the parent folder Edit Folder Options Exclude inherited permissions 1 Select the desired folder s for which you wish to run the permissions report 2 You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button 247 Chapter 3 NTFS Security Auditor 5 That will show up a window as shown below Folder Cptions Folder Path lepine ten Indude sub folders E Traverse only 1 level s of sub folder in the shared folder or Apply this setting to all folders in list Modify the folder options as required and click OK 6 You can use Customize option to exclude some of the fields
165. ccounts Exclude the following accounts W Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts Mf BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITY SYSTEM E BUILTIN Users ok Cancel 7 Select the accounts for which you want to exclude and click OK 8 You can use Customize option to exclude some of the fields from the report as displayed below 294 Chapter 3 NTFS Security Auditor Full Path Folder Path Sub Folders Owner User Group Name Account Type Type Inherited amp Explicit Effective Permissions 9 Select the customize options as required and click OK 10 Click Next to proceed to the Next step 295 Chapter 4 NTFS Security Manager Step 3 Additional report settings pi Power Export Built in Reports Step 3 of 6 Additional report settings Select additional report settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail E mail Settings Highlight Errors Access is denied F The specified network name is no longer awailable E The specified path file name or both are too long Indude errors as part of the report E Highlight Items Permissions F Blocked Inheritance F Full Control E Modify F Delete Indude group members information
166. certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 278 Chapter 3 NTFS Security Auditor 4 You may also select Include group members for include members of a group and their sub group members at all group levels in the report 5 You may also select Include group membership for include membership information of user and group in the report 6 You may also select Include SID for include SID value for user in the report 7 Click Next to proceed to the Next step Step 4 Delivery Options z Power Export Standard Reports Step 4of6 Delivery Options Select the report delvery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format ywywyy mm dd hh mm ss under the task name folder bootie Export Export Path C Wsers Public Documents NTFS Security Manageme E mail To Address Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 279 Chapter 3 NTFS Security Auditor 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to sp
167. d Generate report only if no errors were found Send error report through e mail Indude errors as part of the report Highlight Errors ACCESS jis denied The specified network name is no longer available The specified path file name or both are too long Highlight Items Permissions E Blocked Inheritance Full Control FP Modify E Delete 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Selecting error information that needs to be highlighted 287 Chapter 3 NTFS Security Auditor 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select
168. d Templates window will be displayed as shown below Saved Templates Select any template trom the list of saved templates to proceed Click Edit to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type TA pple CAF Sample ApplyCAP Open Delete View Details Close The saved templates window allows you to perform the following operations e Open an existing template e Delete a template e Preview the contents of a template Open an existing Template 1 To open an existing Apply CAP template select the Apply CAP template and click Open button in the window The Apply CAP Dialog will appear on the screen which will allow you to edit the selected template 2 During edit operation you can modify the computer list and central access policy entries however you cannot modify the name of the template 480 Chapter 4 NTFS Security Manager Delete a template To delete a Apply CAP template select a Apply CAP template which you want to delete and then click Delete button The selected template will be deleted permanently Preview the settings of a Template To preview the settings of a saved Template select a saved Apply CAP template and then click View Details button The settings will be displayed in a window as shown below Saved Templates template Click Delete to delete any selected
169. d description for the search Search Name Users who can Modify Search Description Click Finish to generate the power search report After the data collection process is complete the report would be generated in a report window as shown below 157 Chapter 3 NTFS Security Auditor ren i Refresh s6 Export Eyl E mail Search Details Search Name UserAccess Check Generated on 02 Jul 2014 07 13 40 Ph Folder File Object Folder File Path Type Name WRD10 NEW TEST Folder WRD1O NEW TEST Folder WRDLO WEW TEST F Folder Share folder Foldertest Share folder Search Settings Status Success Permissions pees Inherited Owner ocet SID Control Type Name Allow No PHOENDX adm PHOENIX sar S 1 5 21 2366372 PHOENDX adm PHOENDX san S 1 5 21 2366372 LD Read and Execute Allow No PHOENTM adm PHOENTX saq S 1 5 21 2566372 PHOENIX Sar 5 1 5 21 2366372 Read and Execute Allow No PHOENX adrj PHOENx sar 1 5 21 2366372 Read and Execute Allow 5 1 5 21 2366372 No PHOENDX adm PHOENIX Sar 5 1 5 21 2366372 Read and Execute No PHOENDX adn PHOENIX sar 5 1 5 21 2366372 S 1 5 21 2366372 NEW TEST FOLD Read and Execute Allow No PHOENX adrj PHOENDsar 1 5 21 2366372 Read and Execute PHOENTM adm PHOEN Disan 5 1 5 21 2366372 oe 158 Chapter 3 NTFS Security Auditor How to view Power Search Auditing SACL Reports Permissions DACL Exceptions DACL Click on
170. d files that do not have inheritance set noninherted folders and files eo Remove all existing accounts and replace with the selected accounts and permissions o E Replace all child object existing permissions with inhertable pemission trom this object ri E Inheritance Rule Add the new permissions to the account s existing permissions option will add the selected permissions to the existing permissions list and also it will not affect the existing permissions You may also use the below options to Copy Permissions and also apply inheritance by Inheritance rule e Replace the account s existing permissions with the new permissions e Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files e Remove all existing accounts and replace with the selected accounts and permissions e Replace all child objects existing permissions with the inheritable permissions from this object Inheritance Rule e Allow inherited permissions from this object s parent e Copy inherited permissions e Remove inherited permissions Replace the account s existing permissions with the new permissions If a selected account already exists in the current list of permissions of the selected target shared folder s file s this option will replace all explicitly assigned account permissions with the newly selected permissions for that account 456 Chapter 4 NTFS Security Manager Example
171. dd the new pennissions to the account s existing pennissions oe Replace the account s existing permissions with the new permissions ri E Also apply the above to subfolders and files that do not have inhertance set nonnherted folders and files oe Remove all existing accounts and replace with the selected accounts and permissions d E Replace all child object existing permissions with inhertable permissions from this object ri 7 Inheritance Rule 6 Allow inherited permissions from this object s parent oe Block inherited permissions from this object s parent Copy inherited permissions CE 9 Remove inherited permissions Ci pack net an e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares 346 Chapter 4 NTFS Security Manager How to Grant Permissions for selected Shares The Grant Permissions feature allows you to grant permissions to the Shares You can use many options like Add the new permissions to the account s existing permissions Replace the account s existing permissions with the new permissions etc You may select options to Allow Block inheritance from the parent object and also Replace all child objects existing permissions with the inheritable permissions from this object while granting permissions for accounts Grant Permissions Click on button The Grant Permissions window will be displayed as shown below
172. de files present inside folders Replace H U RESEARCHLAB op fn SPACENFT T e Click Replace button in the Accounts Selection window 423 Chapter 4 NTFS Security Manager Permissions Modifier Share Folder path E Add Domains g Refresh Scan Profiles Computers No Profile found Configure us Scan Profiles Shares H test folder Domains 6 A PHOENIX d i Domain Co ai R010 EE WRDO NEW TEST F ea WRD O Ntis test fol E WADI O NTFSTESTF eae WADI O S YSVOL feat WRD10 Test folder m ea WAD10 TestShareF H E WAD10 Users m RESEARCHLAB hi SPACENFT 4 mT Accounts Basic Permissions Permissions PHOENIX sam Full Control PHOENIX Test group PHOENIS Testgoupes PHOENIX Sanu NT AUTHORITY SYSTEM PHOENIX Testgoupes PHOENIX Saru NT AUTHORITY SYS BUILTIN Administrators BUILTIN Users Allow Allow Allow Allow Allow Modify Read and Execute List folder cont Read Write Yes Yes Yes Curent owner PHOENIX adminuser4 Allow Inherited permissions from the parent to propagate to this object e Click Yes to replace the selected account e The updated permissions list will be displayed as shown below ISS Sso y O A OOO 424 Chapter 4 NTFS Security Manager H Add Domains Refresh Scan Profiles Computers lt No Profile found Configure us Accounts Basic Pennissions PHOENIX adminuser PHOEN Test group PHOENIX
173. dentical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can use Customize option to exclude some of the fields from the reports as displayed below 161 Chapter 3 NTFS Security Auditor E Full Path Folder File Path Object Type Folder File Name Permissions Access Control Type Inherited Owner NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options WEW TEST FOLDER Indude sub folders E Traverse only 1 lt level s of sub folder in the shared folder F Apply this setting to all folders in list Use Set Search Pattern option to exclude sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test 162 Chapter 3 NTFS Security Auditor Power Search Wizard Permissions SACL Step 1 of 4 Select Shared Folder s Files Enter the full pl Ealder Search Options paths Fom a he scanning each l Enter search criteria to exclude subfolders Share Folder UN Apply subfolders that start with Apply subf
174. der 5 No Traverse Folder 5 No Traverse Folder 5 No Traverse Folder amp No Full Control No Full Control No Traverse Folder 5 No This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins Subfolders andfile BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOENIX gt PHOENIX Subfolders andfile BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOEN DAI Subfolders andfile BUILTIN Administrators gt PHOENIX Enterprise Admins Subfolders andfile BUILTIN Administrators This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins This folder only BUILTIN Administrators gt PHOENIX Enterprise Admins This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins This folderonly BUILTIN Administrators Subfolders andfile BUILTIN Administrators gt PHOENIX Enterprise Admins Subfolders andfile BUILTIN Administrators gt PHOENIX Enterprise Admins This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOENIX gt PHOENIX gt PHOENIX 216 Chapter 3 NTFS Security Auditor List of Effective access for specific users and groups on folders This report allows you to view the effective permissions of specific user group accounts on folders Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of
175. der Read Read Attributes Create Folders Write Attributes Write Extended Delete Read Permissions 212 Chapter 3 NTFS Security Auditor List of user accounts that have indirect access to folders due to nested group membership This report allows you to view the user accounts that have indirect access permissions on folders because of any nested group membership J Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of user accounts that hawe indirect access to folders due to nested group membership Step lof Select Report Select a report from the list of Security Vulnerabilities Reports Descriptio Security Vulnerabilities a e oa ie EE This report allows you to B List of all explicit permissions for folders E A el List of folders with broken inheritance and their permissions have indirect access permissions on folders because of any nested E List of permissions for disabled user accounts on folders group membership List of permissions for orphaned accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited z E List of Effective Access for specific user and groups on folders List of folders that have permissions for Everyone group Step 2
176. der subfolders and files ListDomain vbs File PHOENIX adminus S 1 5 21 23663726 Allow Read and Execute List Fold This file only S 1 5 21 23663726 Allow Read and Execute List Fold This file only New Text Document btt File PHOENIX adminus S 1 5 21 23663726 Allow Read and Execute List Fold This file only S 1 5 21 23663726 Allow Read and Execute List Fold This file only 197 Chapter 3 NTFS Security Auditor List of permissions for disabled user accounts on folders This report allows you to view the permissions for disabled user accounts on folders N Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time i Security Vulnerabilities List of permissions for disabled user accounts on folders Step 1of2 Select Report Select a report from the list of Security Vulnerabilities Reports Security Vulnerabilities sh tant This report lists the B List of all explicit permissions for folders permissions for disabled E List of folders with broken inheritance and their permissions user accounts on folders B List of permissions for orphaned accounts on folders z g List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect access to folders due to nested gr
177. der s in the shared folder Include folders after 1 Sl level of sub folder s in the shared folder Include only leat nodes in the shared folder 192 Chapter 3 NTFS Security Auditor Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Security Vulnerabilities Reports List of folders with broken inheritance and their permissions 0 Refresh jaa Export Er E mail Repot Details Report Name List of folders with broken inheritance and their permissions Generated On 12 30 2014 7 02 39 PM Status Success Object Account Access Folder Path Sub Folders ma Owner User Name oe eee Security Apply To WROIO NETLOGO NETLOGON Folder
178. ders for Manager 2 wd4e EWS Share 3 Wrd46 new 4 rd46 Permissions folder Selected Permissions Access control entries 1 DISCOVERY adminuser gt Allow gt CreateFiles AnpendData gt This folder subfolders and files 2 DISCOVERY test2 gt Allow gt Modify gt This folder subfolders and files 3 DISCOVERY test4 gt Allow gt Modify gt This folder subfolders and files Assignment Rule 1 Add the new Permissions to the target Account s existing permissions If the selected Account already exist Fish Click Finish to complete the Copy Permissions wizard Permissions will be copied as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the task completion status 459 Chapter 4 NTFS Security Manager lt Copy permissions Report gt Source folder file Vrd46 Test Folder Target folder s file s ird46 Bulk folders for Manager Vrd46 EWS Share Vird46 new ird46 Permissions folder Selected permissions access control entries 1 DISCOVERY adminuser gt Allow gt Modify gt This folder Jeouhfaldore and filac View change log 460 Chapter 4 NTFS Security Manager How to reuse the Copy Permissions template The Saved Templates contains the list of saved templates to Grant Revoke and Copy Permissions Saved Templates Click on button The Saved Templates window will be displayed as shown below
179. description to save the input settings as a template You may reuse this template later Template Marne Grant Permissions task Template Descriptors 355 Chapter 4 NTFS Security Manager Click Next to proceed to the next step Step 6 Summary This step displays the summary of all the input data along with the selected options Grant Permissions Wizard Step 6 of 6 Summary Shows the details of all inputs provided in the wizard Selection Summary Shared folder s file s 1 WRD4S Address 2 WRO4S Bulk Test folder 3 WRDS49 Bulk test folderi 4 RD49 EiT supp folder 5 Wrd4o shared document 2 ADYENTURE Angelo 3 ADVENTUREJames 4 ADVENTURE michael Permissions Modify Access Control Type Back Finish Cancel Click Finish to complete the Grant Permissions wizard Permissions will be granted as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the task completion status 356 Chapter 4 NTFS Security Manager lt Grant permissions Report Selected Permission Entries to Grant Permissions Accounts S4DVENTURE alec ADVENTURE Angelo S4DVENTUREVames 4DVENTURES michael shares Tolders WEDD Address Wrd4o basic per Wee lle Tact faldar Views change log 357 Chapter 4 NTFS Security Manager How to reuse the Grant Permissions template The Saved Templates contains the list of sa
180. ditor FAQ NTFS Security Manager FAQ NTFS Change Auditor FAQ 575 Chapter 6 Scan Profiles Manager Troubleshooting If and when a problem arises please forward the following information to support vyapin com to revert back to you with a solution These files will be available where NTFS Security Management Suite 2014 is installed Error Log File E g lt Application Data gt NTFS Security Management Suite 2014 NTFSSecurityManagementSuite2014ErrorLog Log Note lt Application Data gt is the common area where NTFS Security Management Suite 2014 settings will be stored in the machine running NTFS Security Management Suite 2014 The lt Application Data Folder gt can be found from the Help gt About screen The default path of lt Application Data Folder gt is as follows a Windows XP Windows 2003 C Documents and Settings All Users Documents b Windows Server 2008 Windows Server 2012 Windows Server 2012 R2 Windows Vista Windows 7 Windows 8 Windows 8 1 C Users Public Documents 576 Chapter 6 Scan Profiles Manager How to uninstall NTFS Security Management Suite 2014 When you uninstall NTFS Security Management Suite 2014 through Control Panel Add Remove Programs applet Windows Installer program will remove only the application files from your machine But the application related files created by NTFS Security Management Suite 2014 remain in the computer In order to remove NTFS Security
181. e Note The ONS name you specity here must be visible from this computer This computer must be able to resolve the specified DNS name Domains in forest Log on using current user Ee RCT User Name AD S54 V4dministrator Password OF Cancel Enter the name of a forest 23 Chapter 2 Configuration Settings A Enumerate all Domains in a forest Specify a Forest Name The Forest Name will be used to retrieve domains present in the forest Clear the Log on using current user checkbox to specify altemate credentials for connecting to the forest Forest Name Researchlab local Note The ONS name you specify here must be visible from this computer This computer must be able to resolve the specified DNS name Domains in forest 0 E Log on using current user User Name researchlab adminuser3 Password eeeeeeeee Store the above credentials in Microsoft windows Stored User Name and Passwords applet 4 Specify user name and the corresponding password to connect to the specified forest Store the above user credential in Microsoft Windows Stored User Names and Passwords applet NTFS Security Management Suite 2014 allows the user to enter different user credentials to connect to the forest Uncheck the checkbox Log on using current user if you like to connect to the forest using a different user context NTFS Security Management Suite 2014 will store the user credential to connect to
182. e next and final step PeP 316 Chapter 4 NTFS Security Manager Step 7 Summary T i Step f of f Summary Click Finish to sawe the task details List of effective C Wsers Public Doc permissions for Pick exe ta vices i here bn ews security specific users and Click hereto view Click hereto view HTML Management Suite groups on folders 2014 Export Specfi 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 317 Chapter 4 NTFS Security Manager List of effective permissions for specific users and groups on files This report lists effective permissions for specific users and groups assigned to files available in a set of folders t e amp Shares Folders and Files wf Shares and Resources Selec option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection Power Export Built in Reports Step 1of6 Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files oe List of permissions for files E List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders i vee List of effectiv
183. e permissions for users and groups on files _ E List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 318 Chapter 4 NTFS Security Manager 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 User and or Group Selection Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of effective permissions for specific users and groups on files Account name eT Add to list Ci Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts Account Type 319 Chapter 4 NTFS Security Manager S Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of effective permissions for specific users and groups on files Account name eM Add to list oo Accounts from domain server Browse and Select Accounts from Scan Pro
184. e report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 313 Chapter 4 NTFS Security Manager 4 You may also select Include group members information for include members of a group and their sub group members at all group levels in the report 5 Click Next to proceed to the Next step Step 5 Delivery Options 2 Power Export Standard Reports Step 4 of 6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format yywyy mm dd hh mm ss under the task name folder po
185. e this step to select specific user and or group accounts for which you would like to view the destructive access permissions on files folders Account name Ma Addtoist Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile a Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Replicator Local Group BUILTIN Server Operators Local Group BUILTIN Wsers Local Group Enter User Group name in domain account name format and click Add to List to add the user group to the selected accounts list Use Select a Scan Profile Users Groups option to use the users and groups added in a profile For more information on Scan Profiles click About Scan Profiles Users Groups Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 205 Chapter 3 NTFS Security Auditor View pr Select Accounts Users Groups available from computers displayed below Use the Find option to search desired user group accounts Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Q Refresh Export Sy E mail Report Details Report Name List of permissions for accounts having
186. e various operations that can be performed in the Domain Credentials screen are given below To Add a new domain to the list To Edit the properties of a domain in the list Select a domain and click Edit button To Delete a domain from the list Select a domain and click Delete button To connect to a domain in the list Select a domain and click Connect button 16 Chapter 2 Configuration Settings Add a domain You may also add one single domain at a time to the list of domains in the credentials list by using Add Domain feature Add a domain to the list 1 Launch Domain Credentials window 2 In the Domain Credentials window click z Add button to add a domain to the list 3 The New domain connection dialog will be displayed as shown below 253 Add domain el Specihy a Domain name to retrieve computers present in dE domain Clear the Log on using current user checkbox to specify alternate credentials for connecting to the domain i Domain Mame Log on using current user UserName RD54Administrator Password Cancel Enter the name of a domain Add domain Specify a Domain name to retieve computers present in 7 domain Clear the Log on using current user checkbox ta specify altemate credentials for connecting to the domain Domain Name Voyager E Log on using curent user User Name Voyager adminuser Password eeeeeeeee Fi Store the above credentials in Micro
187. ear on the screen and the report will be displayed once the data collection is finished 2 During edit operation you can modify the search inputs however you cannot modify the type of the Scan Profile 506 Chapter 6 Scan Profiles Manager Edit an existing search To edit an existing search click Edit button in the window The Power Search Dialog will appear on the screen which will allow you to edit the selected search During edit operation you can modify the computer list however you cannot modify the name of the search Delete a search To delete a search select the search you want to delete and then click Delete button The selected search will be deleted permanently Preview the settings of a search To preview the settings of a saved search select a search and then click View Details button The settings will be displayed in a window as shown below Power Search Reports This window shows the list of saved Power Search reports Select a saved search report trom the list of saved searches to proceed click Edit to edit the search settings Delete to delete the search Run to generate the search report View Details to view the search settings summary Search Name Search Description User Access Check Search Name User Access Check Selected shares folders files i gt WRDIO WEW TEST FOLDER gt WRDIO NEW TEST FOLDER SHARE gt RDIO Ntts test folder permissions gt RD10 Test folder permiss
188. ecify optional e mail settings as shown below Additional E mail Settings i af 1 E You can customize the SMTP Server From and To address Subject and body of the e mail message RD30 Jamie researchlab com Micheal reseachlab com Reports generated by NTFS Securty Management Please find the attached report generated by NTFS Security Management Suite 280 Chapter 3 NTFS Security Auditor Step 5 Schedule Settings a Power Export Built in Reports Step 5of6 Schedule Settings Enter a unique task name and specify its schedule settings Task Name file permissions Spedfy an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 281 Chapter 3 NTFS Security Auditor Step 6 Summary Step 60f6 Summary Click Finish to save the task details C Users Public Docume Click here to view Security Management Suite 2014 Export file List of permissions for files 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Scheduled Tasks folder
189. ected target shared folder s files s 452 Chapter 4 NTFS Security Manager The following list displays the Permissions access control list of source Share folder Select the permissions to copy to the target share s folder s Select All Select explicit permissions only oe select inherited permissions only 0 Account Name DISCOVERY admin DISCOVERY test DISCOVERY test4 BUILTIN Administrat Allo DISCOVERY admin CREATOR OWNER NT AUTHORITYS BUILTIN Users BUILTIN Users BUILTIN Users Allow Allow Allow Allow Create Files AppendData Modify Modify FullControl Read ndExecute FullControl FullControl CreateFiles Append Data Read ndExecute ls Inherited False False False True True True True True True True Apply To This folder subfolders and files This folder subfolders and files This folder subfolders and files This folder subfolders and files This folder subfolders and files Subfolders and files onhy This folder subfolders and files This folder and subfolders This folder and subfolders This folder subfolders and files e Use Select explicit permissions only option to select only explicit permissions from the source shared folder file permissions list 453 Chapter 4 NTFS Security Manager The following list displays the Permissions access control list of source Share folder Select the permissions to copy to the target share s folder s E Select Al
190. ecurity Auditor Exclude Accounts Exclude the following accounts MW Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITYSYSTEM E BUILTIN Users Select the accounts for which you want to exclude and click OK You can select Include SID option to include SID value for user in the report You can select Exclude inherited permissions option to exclude inherited permissions from the report You can select Include group membership option to include all the membership information of user and group in the report You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report You can use Customize option to exclude some of the fields from the report as displayed below bi Custom View Fields E Full Path Folder Path sUb Folders E Owner User Group Name F Account Type Type Inherited amp Explicit Effective Permissions 4 T NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options 57 Chapter 3 NTFS Security Auditor Folder Path Ma a miscimae nhs Include sub folders Traverse onyji ES levels of sub folder in the shared folde
191. ecute File PHOENIX TestGroup1 gt PHOENIX TestGroup2 group PHOENDX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup2 gt PHOENIX TestGroup4 group Explicitly assigned Traverse Folder Execute File group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENDX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup4 gt PHOENIX TestGroup5 PHOENIX TestGroup5 gt PHOENIX TestGroup6 group BUILTIN Guests Alias PHOENIX Domain Guests group PHOENIX Guest Explicitly assigned Traverse Folder Execute File 87 Chapter 3 NTFS Security Auditor How to view Built in Reports for Shares and Resources Shares and Resources Reports The Shares and Resources reports can be generated against domains s and specific sever s as well Click on S gt TS SE button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Click Next to proceed to the next step Built in Reports Step lof3 Select Report This window shows the list of Built in reports available For the selected Built in report category Select any Report to proceed E e Shares and Resources s E List of Shares ai List of Shares with permissions 88 Chapter 3 NTFS Security Auditor
192. eed to the next step Step 3 Selection Summary This step displays the summary of data selected to copy account permissions 470 Chapter 4 NTFS Security Manager Step 3 of 3 Selection Summary Shows the details of all inputs provided in the wizard Selection Summary Selected Shared Folder s File s 1 rd10 NEW TEST FOLDER 2 wrd O NEW TEST FOLDER SHARE Apply to sub folders Search sub folders that start with 1 test Search sub folders that end with 1 sh re Include only 2nd level of sub folder s in the shared folder Include files present inside folders Copy Permissions From 1 phoenix sam Copy Permissions To 1 phoenix adminuser2 2 phoenix saru Click Finish to complete the Copy Account permissions wizard Permissions will be copied as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the task completion status lt Copy Account permissions Report gt Shares folders rdi 0 NEW TEST FOLDER rd O WEW TEST FOLDER SHARE Copy Permissions From phoenix sam Copy Permissions To phoenix adminuser2 phoenix saru Tack Ctatiic 471 Chapter 4 NTFS Security Manager Dynamic Access Control Apply Central Access Policy Revoke Central Access Policy 472 Chapter 4 NTFS Security Manager How to Apply Central Access Policy on selected Shares The Apply CAP feature allows you to apply central
193. eeeeeeseaeneeeeees 447 How to reuse the Copy Permissions template ccccccsssccccesscccceseccceencecseeecccseusecsaussecseacesseaseeseauseeseeeeesaaeeess 461 CODY Account PELiMISSIONS aidera Gocco ua Goccwed can seredececeansccouencdewancucdcouiencccuudesesacuusicueceuenadacnvasssecscusneccceubaiedosesecesoucs 463 How to copy account permissions in the selected shared folder s file S permissions list oo ccceeeeeeeeeees 464 Dynamic Access Control eiorinn antanan A snananatawadelasauasesebaneseusesuesanulovaeerawacnieuitanadauanenet 472 How to Apply Central Access Policy on selected Shares cccccsssscccesesecceeccccescccsensecssueccsseecessaeseeseaesessanseess 473 How to Revoke Central Access Policy from the selected Shares cccccccsssccccssececcsececeeecccseeceseeseceseuecetsenecess 482 Power Sear Moisanen aE NAN E T EE SEN a 495 ADOT POWER SCC Mea a N E r T O 496 How to view Power Search Permissions DACL Reports cccccccsssecccccesecceceeeeecceseeeeeceeeeeeeeeeseueeeeeeseueeesessuees 497 HOW to maonace POWEN sedl mamania aa aaa N oesaues ceed eae a eaeaeetusawusieune eae 506 Change FIStOLY lt icicciiccslentapnnicatadandanracoceceuscedd ona a a A once 508 Aout Change ISTO aieri OR 509 How to view Permissions Change HiStOsry r sarie an N R ON 510 How to view Central Access Policies Change History ccccsssccccsssccceeseccceescccssesceeseeseeseuscecseseesseesesseaesessaeeeess 514 ADDITIONAL
194. els of sub folder and also copy account permissions on sub folders that match the specified search criteria sa Copy Account Permissions Click on button The Copy Account Permissions window will be displayed as shown below Step 1 Select shared folder s file s Select shared folder s file s by using any of the input options displayed Copy Account Permissions Wizard Step 1 of 3 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Click Set Search Pattern to set the search criteria for sub folder s Set Subfolder Levels to set the levels for sub folder s Shared folder jfile UNC Path Add oe Scan Profile Shares o Profile found gt Folder Path Add From E Apply to subfolders E Include files present inside folders Cancel If you want to select shares from servers for which you wish to add then click Add From option Select one or more servers to enumerate its shared folder s file s 464 Chapter 4 NTFS Security Manager Copy Account Permissions Wizard Step 1 of 3 Select shared folde Enter the full pat Select Shares folder paths from View and select Shares and Folders available from computers displayed below to set the levels fi Shared folder jfile Lf S PHOENIX scan Profile E Domain Controllers o rw C Ro10 apmins
195. emove all existing accounts and replace with the selected accounts and permissions o E Replace all child object existing permissions with inhertable pennission from this abject oa Inheritance Rule Allow inherited permissions from this object s parent oe E Block inherted pennissions from this object s parent oO oO e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Copy permissions from one share to another share s 445 Chapter 4 NTFS Security Manager How to block inherited permissions from the parent object to the target shares The Copy Permissions feature provides an option to Copy the inheritable permissions from the parent object to the target shares This option will add the inherited permissions as explicit permissions in the target Shares permissions list You can also remove the inherited permissions from the parent object to the target shares b Copy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy permissions from one share to another share s eln step 4 select the option Copy inherited permissions elf you wish to remove the inherited permissions from the target shares you may use the option Remove inherited permissions to remove all the inherited permissions from the parent object Copy Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you
196. emove the Orphaned SIDs from the shared folder s file s permissions list 361 Chapter 4 NTFS Security Manager How to revoke the selected permissions from all existing explicit accounts in the share permissions list The Revoke Permissions feature allows an option to revoke selected permissions from all existing explicit accounts in the share permissions list Revoke Permissions Click on button The Revoke Permissions window will be displayed e Follow the steps 1 through 2 as outlined in How to Revoke permissions from the selected shares permissions list Step 3 User and or Group selection Select the option All existing accounts that have been assigned explicit permission panana Step 2 of 5 Select user group account s Select the user and or group accounts for which you would like to revoke permissions on selected shared folder s fle s All existing accounts that have been assigned explicit permissions Selected accounts Orphaned SIDs lt No Profile found gt Account Name Account Type 362 Chapter 4 NTFS Security Manager Click Next to proceed to the next step Step 4 Select Access Control type and permissions Click the option Selected permissions and select the ACE type and permissions Revoke Permissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder s Filets gt A
197. enerate the selected report After the data collection process is complete the report would be generated in a report window as shown below 90 Chapter 3 NTFS Security Auditor a yg roa a ae eae a Bul 1 Reports List o shares Jel Q Refresh 3 Export Ff Filter Gy E mail Report Details Report Name List of Shares with permissions Generated on 12 Jun 2014 10 46 51 AM Domain Server Share Name User Name RD30 10000 files each 1 MB 10GB EATUR eres sie ele seme sO MUD AY Yel ig e alice Unlimited E 10000 files each 1 MB 10GB ADMINS lc Windws S Bulk folders E Bulk folders E Bulk folders cs C D D E E NETLOGON C Windows SYSVOL sysvolyes C Windows SYSVOL sysvolles New folder E New folder E New folder NTFSTestfolder C NTFST estfolder share folder for NTFSSA C share folder for NTFSSA C share folder for NTFSSA List of Reports Report Name List of Shares Reports all the shares and their properties excluding the permission information List of Shares with permissions Reports all the shares and their properties including the permission information gi Chapter 3 NTFS Security Auditor Shares Folders and Files How to view Shares Folders and Files information 92 Chapter 3 NTFS Security Auditor How to view Shares Folders and Files information
198. eport 2 Click OK to apply the selected servers to the current report or click Apply to Reports to apply the servers to the rest of the selected server reports The selected servers will be added to the wizard as shown below 329 Chapter 4 NTFS Security Manager Step 2 of6 Server Selection For each of the following reports please select the list of servers for which you would like to generate the report Double click on a Report or click Add Servers The report for each of the selected servers will be exported as a separate file List of Shares Server Name List of Shares with permissions PATHFINDERRDAS PATHFINDER RDSS PATHFINDER IRDA PATHFINDERIRO4S PATHFINDERAROS4 PATHFINDER RDS2 Add Servers 3 Click Next to proceed to the next Step 330 Chapter 4 NTFS Security Manager Step 3 Report Criteria Optional A Power Export Built in Reports Step 3J of 6 Report Criteria Optional You may specify a criteria for each of the following reports to fiter data Click Mext to keep the current criteria as described under Criteria Description or click Edit Criteria to modify it Peery m Server Reports Criteria Description eee E List of Shares Share Type Folder Share aire List of Shares with permissions Edit Criteria lt Back Merk gt Close This step allows you to apply specific conditions for filtering report data 1 To seta criteria for a report select
199. er 3 NTFS Security Auditor Security Vulnerabilities List of permissions for orphaned accounts on folders x Step 2o0f 2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC a A folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the FEE default properties for scanning each folder Share Folder UNC Path SESE Folder Path YRD 10 NETLOGON WRD 10 NEW TEST FOLDER YRD10 NEW TEST FOLDER SHARE RD10 Ntfs test folder permissions WAD 10 NTFSTESTFOLDER 4 Indude files present inside folders Set sub folder levels You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Folder Levels Include upto 3 aird jevel of sub folder s in the shared folder gt Include only 1 St level of sub folder s in the shared folder Include folders after 1 St level of sub folder
200. er option In Run now option you can optionally save the input settings as a template Click on Save As Template and enter a name and description to save the wizard settings as a template for reuse In case of Run later option enter a unique task name and specify its schedule settings Select Run now option to run the task immediately after finishing the wizard steps 388 Chapter 4 NTFS Security Manager Step 4 of 5 Revoke Permissions now or Schedule it to run later You may run this task now or schedule it for later Runnow Save As Template Runlate Task Name PO PSS Run As PHOENIX adminuser4 Schedule Task start OMe 07 32 PM Advanced Schedule Task Daily it da Y 5 In Run now option you can optionally save the wizard settings by clicking on Save As Template as shown below 389 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 4 of 5 Revoke Permissions now or Schedule it to run later You may run this task now or schedule it for later Runnow Save As Template Run later oe Enter a name and description to save the input settings as a template for reuse later Task Name Template Mame Revoke permissions Run As Template Description admin share Schedule 7 Schedule Click OK to save the input settings as a template 390 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 4 of 5
201. erate the selected report After the data collection process is complete the report would be generated in a report window as shown below 79 Chapter 3 NTFS Security Auditor Qj Refresh 3 Export Filter 5a E mail Report Details Report Name List of effective permissions for specific users and groups on folders Generated on 09 Jun 2014 03 30 54 PM Type Folder Path Sub Fokders Owner Inherited amp Effective Permissions Explicit RD10 NETLOGON NETLOGON BUILTIN Administrz inistr Alias ini User Explicitly assigned Traverse Folder Execute File Explicitly assigned Traverse Folder Execute File Traverse Folder Execute File Traverse Folder Execute File Traverse Folder Execute File PHOEND TestGroupt group PHOENDATestGrou Explicitly assigned Traverse Folder Execute File PHOENDATestGroup1 gt PHOEND TestGroup2 group PHOENDATestGrou Explicitly assigned Traverse Folder Execute File a gt PHOENIX TestGroup4 Promenrancra gt omirentows omop frome noe sere Traverse Folder Execute File PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOEND TestGroup4 gt PHOENDTestGroup5 group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroupS gt PHOENIX TestGroup6 PHOEND TestGroupS gt PHOEND TestGroup group Explicitly assigned Traverse Folder Execute File DILIT TTN Osalan Alisan Cem licith sanninna BUILTIN Administrat
202. eritance from the parent object and also Replace all child objects existing permissions with the inheritable permissions from this object while copying permissions for accounts e Copy Permissions Click on button The Copy Permissions window will be displayed as shown below Step 1 Select source shared folder file Select source shared folder file by using any of the input options displayed Copy Permissions Wizard x Step 1 of 6 Select source shared folder file Enter the full path of a source shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Share Folder UNC Path Sean FrofilesiShares Select a Profile Folder Path e If you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 447 Chapter 4 NTFS Security Manager Step 1 of 6 Select sz Enter the full pat paths from a text Share Folder UNC aay DISCOVERY Scan Profiles She 5 Domain Controllers S RDS Folder Path S RD46 nokia I WRD46 ARKAD Screen Shots ve WRD46 Exch 2007 5P1 LL wro eics LL Rossen WRD46 samoletask l VWAD46 Share folder for unknown test 3 I VADS6 sony WRD46 test group E VWRD46 new e Use Select a Scan Profile Shares option to use the shares added in the profile 448 Chapter 4 NTFS Securit
203. ermissions on files present inside the selected folders Use Set Search Pattern option to copy an account permissions for sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share 466 Chapter 4 NTFS Security Manager Copy Account Permissions Wizard Step 1 of 3 Select shared folder s Tile s Enter search criteria for subfolders Replace subfolders that start with Replace subfolders that end with ee Starts with Remove Ends with Apply to subfolders Include files present inside folders Use Set Subfolder Levels option to copy an account permissions in the selected levels of sub folder s in the shared folder 467 Chapter 4 NTFS Security Manager Copy Account Permissions Wizard 2 Step 1 of 3 Select shared folder s file s Enter the full path of a shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text fle and CSV file Click Set Search Pattern to set the search criteria for sub folder s Set Subfolder Levels to set the levels for sub folder s Shared folder jfile UNC Path i Scan Profile Shares Replace Folder Path Subfolder Levels Wd 10 NEW TEST FOLDER Sb Soltis lere yd 10 NEW TEST FOLDER 5 j ee ee Import Include upto 1 level of sub folder s in the shared folder Include only 2 nd level
204. ers r Apply Profile Clear Profile For server based reports you can apply a Scan Profile by clicking the button in the report window The Scan Profiles Manager will show up on screen select a Scan Profile and then click Apply button to apply the selected profile For server based reports however a Scan Profile when applied reloads the tree view in the left pane in the report window with the list of computers in the selected Scan Profile After a Scan Profile is applied you can select the desired computer in the tree view in the report window to generate the report Click the Clear button to clear the applied profile This will reload tree view with the list of all domains in the network 539 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Computers in NTFS Security Manager Module You can apply Scan Profile Computers to Grant Permissions Revoke Permissions Copy Permissions and also Modify Permissions that involves changes to permissions for the accounts on shared folder s file s The following steps describe on how to apply Scan Profiles computers in the Grant Permissions wizard Y Grant Permissions Click on button in the toolbar The Grant Permissions window will be displayed as shown below Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder
205. erse Folder E xecute File List Folder Read Data Read Attributes Read Extended Attributes ool Create Files w rite Data E Create Folders Append Data Access Control Type Mi Allow C Deny MW Revoke only if there is an exact match objects that have exactly these permissions Back Merck Cancel e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Revoke Permissions from selected shares permissions list 372 Chapter 4 NTFS Security Manager How to revoke the selected accounts and all their permissions from the share permissions list The Revoke Permissions feature provide the option to remove the selected accounts and all their permissions from the share permissions list Revoke Permissions Click on button The Revoke Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Revoke Permissions from selected Shares permissions list Step 4 Select Access Control type and permissions Select the option All existing permissions Revoke Fermissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder si Filets All existing permissions Selected permissions oA Advanced Permissions if Traverse Folder Evecute File E List Folder Read Data E Read Attribute
206. es and policies permissions How to check the shared folder and subfolders affected by DAC policies 97 Chapter 3 NTFS Security Auditor About DAC Reports The DAC Reports feature provides many options to view the Dynamic Access Control DAC effective permissions on shared Folders You may view the selected Account effective DAC permissions on shared folders and the associated effective DAC permissions for specific folders You may also check the folders affected not affected by DAC Central Access Policies and view the Central Access Policy and Central Access Rule CAR available on the selected Domain Server Here are some examples of how you may make effective use of this feature 1 Determine what type of permissions and conditions have been configured for each the Central Access Rules in Central Access policy over the domain 2 Search on who have access limited permissions by DAC on which folders 3 Select a set of accounts and determine for which shared folders they have DAC permissions 4 Determine on which shared folders and subfolders have been affected not affected by the Central Access Policy 5 Select a Set of Domain s Server s and determine the configured Central Access Policies and Central Access Rules The DAC reports feature provides reports in the following categories groups on folders specified users and groups Effective DAC permissions for Accounts having List of Central Access Policies CAP and Central Re
207. es available in a set of folders Scan Profiles Shares and permission reports You can apply a Scan Profile Shares to permissions reports either using Power Export Tool for off line generation or Interactive Report Generation This option will useful if permissions for certain shares need to be monitored frequently Rather than searching for shares adding them to list and viewing their permissions You can create a subset of shares save them as a profile generating permissions reports for them The following shows how Scan Profiles Shares can be applied to permission reports in Interactive report generation and Power export tool 567 Chapter 6 Scan Profiles Manager Scan Profiles Users Groups and Interactive Report Generation Perform the following steps for applying Scan Profiles Shares to permission reports in Interactive report generation S Built in Reports w Permissions a Shares and Resources Click on under Built in Reports in the tool bar Select any one of the permissions reports listed above and click Next to proceed In the next step select the option Select a Scan Profiles Shares as shown below Built in Reports List of permissions for folders Step Zof Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Odd From to load the list of shares Import to import a list of UNC Folder paths From a text File Select a Folder in the list below and
208. es for computer enumeration Include files pre cance e Use Select a Scan Profile Shares option to use the Shares added in the profile 380 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 5 Select shared folder s file s Enter the full path of a shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Click Set Search Pattern to set the search criteria for sub folder s Set Subfolder Levels to set the levels for sub folder s Shared folder file UNC Path Scan Profile Shares lt No Profile found gt o Folder Path Add From MRD 10 NEW TEST FOLDER VRD 10 NTFSTESTFOLDER e o Remove E Apply to sub folders Include files present inside folders Back Next Cancel You may also type the UNC path of a folder that is not in the list such as a folder that is shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button e Apply to all the sub folders This option will revoke permissions from all sub folders of the folders added in this wizard e Include files present inside folders This option will revoke permissions from all files present in the added folders and their sub folders e Use Set Search Pattern option to revoke permissions from sub f
209. est from the Domain Enumeration Manager list m a different forest and then supply necessary credentials for the selected domain Sh Add E Edit S Delete 4 Connect A Add domains from forest Domain Name Forest Name User Name Status Researchlab researchlab local researchlab adminuser3 Connected 3 An alert message asking for confirmation to delete the forest will be displayed as shown below 0 Do you want to delete Researchlab from the list 21 Chapter 2 Configuration Settings 4 Click Yes to delete the selected forest 5 Click No to abort the delete process of the selected forest 22 Chapter 2 Configuration Settings Add domains from forest In order to connect to a different forest in your Active Directory and configure these domains for enumerating computers and generating reports on them you may use the Add Domains from Forest feature Add domains from forest to the list 1 Launch Domain Credentials window 2 In the Domain Credentials window click AA to add domains from forest button to add domains in the forest to the list 3 The Add domains from forest connection dialog will be displayed as shown below ae Enumerate all Domains tn a forest 2 Specify a Forest Hame The Forest Name will be used to retrieve domains present in the forest Clear the Log on gh using curent user checkbox to specify alternate credentials for connecting to the forest A Forest Nam
210. eted permanently Preview the settings of a Template To preview the settings of a saved Template select a saved Grant permissions template and then click View Details button The settings will be displayed in a window as shown below Permissions Template Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name escnpti Template Type z Grant pemissions task2 forthe common share Grant pemissions task forthe Admin share folder Summary Template Name Grant permissions taski 1 vsspro Alex 2 vsspro john Selected shared folder s file s 1 wsswksl4 share for adminuser Selected Permissions 1 Read Control Type Allm 359 Chapter 4 NTFS Security Manager Revoke Permissions About Revoke Permissions How to revoke permissions from the selected shares permissions list How to reuse the revoke permissions template 360 Chapter 4 NTFS Security Manager About Revoke Permissions The Revoke Permissions feature provides many options to remove Accounts and their permissions from the existing list of ACE entries in shared Folders and Files You may revoke all existing explicit Accounts and also you may selectively revoke a set of permissions granted to accounts Here is the list of actions you can perform using the Revoke Permission
211. evel s of sub folder in the shared folder Mast Apply tnis seting toa folders init Click OK to proceed Click Finish to generate the selected report 105 Chapter 3 NTFS Security Auditor After the data collection process is complete the report would be generated in a report window as shown below Refresh z Export 58 E mail Report Details Report Name Effective DAC permissions for specitic users and groups on folders Generated an 16 Jan 2073 06 03 14 PM Status Success Applied Account Access Limited User Mame Folder Path Sub Folder Owner f Policy Type Vrdl2iTest Test WIM 1 2itesk4 User Active WIM 2ibeskt User Active Finance Department WIK1 Guest User Disabled Finance Department hy BUILTIN Administrators Finance policy WIM Zadministrator User G4ctive ee Security Delete subfolders and files Delete Full control List Folder read data Delete subfolders and files Write attributes Read extended attributes Read attributes Create Folders append data Full control Traverse folder execute File Create Files write data Read permissians 106 Chapter 3 NTFS Security Auditor How to view the effective DAC permissions for Accounts having permissions on specific folders Effective DAC permissions for Accounts having permissions on specific folders DAC Reports Click on button The DAC Reports window with the list of reports wi
212. ext step e Follow the steps 5 through 6 as outlined in How to Copy Permissions from one share to another share s 442 Chapter 4 NTFS Security Manager How to remove all the existing explicit accounts and replace with the new accounts The Copy Permissions feature allows you to remove all existing accounts that have explicitly assigned permissions for shares and replace them with the selected accounts and permissions Note that this will not remove inherited permissions from parent folder Copy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy Permissions from one share to another share s e In step 4 select the option Remove all existing accounts and replace with the selected accounts and permissions Copy Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s fle s permission list Assignment Rule Copy the selected permissions to the existing pennissions list f the selected account already exists in the permissions list oO Remove all existing accounts and replace with the selected accounts and permissions oo E Replace all child object existing permissions with inheritable permission from this object oe Inheritance Rule e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Copy Perm
213. f effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step Step 2 Select User Group Accounts Select user and or group accounts for which you would like to view the permissions for folders files 47 Chapter 3 NTFS Security Auditor Built in Reports List of permissions for specific users and groups on files Step 2of3 Select User Group Account s Select user and or group accounts for which you would like to view the permissions on files folders Account name Accounts from domain server Browse and Select Accounts from Scan Profiles UsersGroups lt No Profile found gt Selected Accounts Account Name Account Type BUILTIN dministrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Replicator Local Group BUILTIN Users Local Group e Enter the name of User Group in domain account name format and click Add to List to add the name to selected accounts list e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups e Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 48 Chapter
214. f you do not want files with identical permissions as the parent folder reported then select Do not display files that have same permissions as the parent folder option This option will not report files with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 267 Chapter 3 NTFS Security Auditor Folder Options Folder Path WROD 10 TestShareFolder j Indude sub folders E Traverse only 1 level s of sub folder in the shared folder Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 You can use Customize option to exclude some of the fields from the report as displayed below Ss 1 E Full Path Folder Path Sub Folders E Owner UsernGroup Name F Account Type Type Inherited amp Explicit Effective Permissions Select the customize options as required and click OK You can select Exclude inherited permissions option to exclude inherited permissions from the report Click Next to proceed to the Next step 268 Chapter 3 NTFS Security Auditor Step 4 Additional report settings pi Power Export Built in Reports Step 4 of T Additional report settings Select additional report settings
215. feature helps the user to export report data generated by NTFS Security Management Suite to a file using various formats namely HTML CSV XLSX SQL Click a for exporting the information in the desired format Export Select the export path format and file name for the report to be exported Export Path EES Lene Eee een Cee EME Tn File Format HTML File Name List of permissions for folders Export to time stamped subfolder Note This evaluation version exports only 10 records OK Cancel Specify a file name to export report data to or accept the default file name Specify the export path and select a desired file format The path refers to the destination location where the output file generated should be stored It can be given using the Browse button To avoid overwrite existing files if any in the specified export path By default the report will be exported to a time stamped sub folder in the format YYYY MM DD HH MM SS under the specified export path In XLSX file format the information is stored as sheets in Excel file For each report a XLSX file will be generated The name of the XLSX file will be the name of the report and is stored in the specified destination path if Export to time stamped folder option is cleared The XLSX file will be stored under a sub folder of the form YYYY MM DD HH MM SS under the specified export path if Export to time stamped folder option is set In CS
216. files Users Groups lt No Profile found gt oO Selected Accounts Account Name Account Type BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Network Configuration Operators Local Group BUILTIN Performance Monitor Users Local Group BUILTIN Print Operators Local Group BUILTIN Remote Desktop Users Local Group BUILTIN Replicator Local Group BUILTIN Wsers Local Group e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups 1 Select the user or group for which you wish to run the permissions report The selected users will be added to the wizard as shown above 3 Click Next to proceed to the Next step 320 Chapter 4 NTFS Security Manager Step 3 Shared Folder Selection A Power Export Built in Reports Step 3 of 7 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of effective permissions for specific users and groups on files UNC Path Folder Path Indude sub fold Folder level VRAD 10 TestShareFolder True All Do not display files that have the same permissions as the parent folder Edit
217. folder and exported file The exported file must be from any one of the built in permissions reports Select a Baseline reference folder and a exported file to compare using the respective browse buttons 177 Chapter 3 NTFS Security Auditor Compare ACLs Wizard Step 2 of 2 Select shared folder and exported file The exported file must be from any one of the built in permissions reports Select the shared folder and exported file using browse button Click Set subfolder levels to set the levels of subfolder s to read ACLs from Baseline reference Folder Exported File to compare Note You may select an exported file of any one of the built in permissions reports below e List of permissions for folders e List of permissions for specific users and groups on folders e List of permissions for files e List of permissions for specific users and groups on files 178 Chapter 3 NTFS Security Auditor Compare AC Select Shares to read ACLs Scan Profiles Computers Baseline refe Ea Sample Scans T Scan Profiles Shares Ly test Sami Domains MPRTEST PHOENIX i Domain Controllers EF VRDI0ADMIN bed WRDIO CS ES WRDIOWETLOGON EPA RD 10 NEW TEST FOLDER r ES WRD10 WEW TEST FO e Include sub folders Enabling this option will process the sub folders of the specified shared folders for comparison e Exclude inherited permissions Enabling this option will exc
218. for folders List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders i List of effective permissions for users and groups on files List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 244 Chapter 3 NTFS Security Auditor 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 User and or Group Selection Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of permissions for specific users and groups on folders Account name dh Add to list Ci Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts Account Type 245 Chapter 3 NTFS Security Auditor 2 amp Power Export Built in Reports Step 2 of 7 User Group Selection Select a server or a Scan Profile Computers or a Sc
219. forest in the Microsoft Windows Stored User Names and Passwords applet Credential Manager for security reasons The stored user profile is tied to the user context currently logged on user account in which the profile is created 5 Click Show Domains button to add the domains in the specified forest to the list and select the desired domains in the list Click OK to add the selected domains to the Domain Credentials list as shown below 24 Chapter 2 Configuration Settings Specify a Forest Name The Forest Name will be used to retieve domains present in the forest Clear the Log on using curent user checkbox to specify atemate credentials for connecting to the forest Forest Name Reseanchlab local This computer must be able to resolve the specified DNS name Log on using curent user User Name researchlab adminuser3 Password TTT iiiii Ei Store the above credentials in Microsoft windows Stored User Name and Passwords applet i E oi dikin on the Add button below Click Hakl domaine from forest ee er ceray credertids for the aclocted domain H Add A Edit AA Delete y Connect Add domains from forest Domain Name Forest Name User Name Status CHILD researchlab local researchlab adminusers Not Connected pocasia emehe cor tn Show at startup 25 Chapter 2 Configuration Settings Configure SMTP Server NTFS Security Management Suite 2014 provides the option to e mail the
220. from the report as displayed below eae r sr Fields E Full Path Folder Path Sub Folders E Owner User Group Name F Account Type Type Inherited amp Explicit Effective Permissions Select the customize options as required and click OK You can select Exclude inherited permissions option to exclude inherited permissions from the report Click Next to proceed to the Next step 248 Chapter 3 NTFS Security Auditor Step 4 Additional report settings A Power Export Built in Reports Step 4 of 7 Additional report settings Select additional report settings Additional Report Settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail E mail Settings Highlight Errors Access is denied The specified network name is no longer available The specified path file name or both are too long Indude errors as part of the report Highlight Items Permissions E Blocked Inheritance E Full Control E Modify E Delete W Indude group members Indude group membership 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encou
221. g accounts and replace with the selected accounts and permissions e Replace all child objects existing permissions with the inheritable permissions from this object Inheritance Rule e Allow inherited permissions from this object s parent e Copy inherited permissions e Remove inherited permissions Replace the account s existing permissions with the new permissions If a selected account already exists in the current list of permissions of the selected shared folder s file s this option will replace all explicitly assigned account permissions with the newly selected permissions for that account 353 Chapter 4 NTFS Security Manager Example If the share already has some accounts with permissions like Allow Read and Write and if the same existing accounts selected with permissions Deny Modify to grant permissions then this option will replace the existing accounts previous permissions Allow Read and Write with new permission Deny Modify Otherwise if the selected account not exist in the share permissions list then it will add into the permissions list Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files This option will grant permissions to the selected accounts on subfolders and files that do not have inherited permissions from its parent object with respect to the above options Note If this option is checked the subfolders and files must have the applicable
222. h RD10 NEW TEST FOLDER Replace subfolders that starts with Replace subfolders that ends with fe add Starts with Ends with Reset test share SIF Add Replace accounts on subfolders Set Search Pattem Set Folder Levels Include files present inside folders ihented permissions trom the parent Allow Ini j c i RESEARCHLAB e eOe e i hE SPACFNFT pa ae Click OK button in the Folder Search Options window O A AAAA Use Set Folder Levels option to replace the accounts in the selected levels of sub folder s in the shared folder 421 Chapter 4 NTFS Security Manager Permissions Modifier Accounts Basic Permissions Permissions PHOENIX sam Full Control Accounts Selection BS Select User Group Accounts Select the user andor group accounts for which you would like to Replace the permissions on Shares Tolders ES a Add to list Folder Levels Ea Folder Path RD10 NEW TEST FOLDER Accounts fro Selected Acco Folder Levels Account Nami Apply upto 3 4 rd level of sub folder s in the shared folder Fai Remove phoenix acmi Apply only 1 level of sub folder s in the shared folder Apply folders after 1 H level of sub folder s in the shared folder Apply only leaf nodes in the shared folder Set Search Pattem Set Folder Levels Replace Cancel Replace accounts on subfolders Include files present inside folders Allow ented permissions trom the parent
223. h folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level WRD10 NETLOGON True DER True VRD10 NEW TEST FOLDER SHARE True WRD 10 NTFSTESTFOLDER True Do not display files that have the ee eee 3 same permissions as the parent folder Ec arci ACCOUNTS Op Indude group members E Indude SID Customize Indude group membership O Exclude inherited permissions You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default If you want to exclude specific accounts from reporting select Exclude Accounts option Click Accounts button to launch Exclude Accounts window as shown below 56 Chapter 3 NTFS S
224. h wou would like to create a profile Profile Name Sample Profile Add Accounts Account Mame Accounts From domainiserwer Browse and 5 elect Selected Accounts Account Mame Account Type ACVEN TURE Adminuser adventure scholes 5 Click Finish to save the Users Groups profile for future use 548 Chapter 6 Scan Profiles Manager How to manage Scan Profiles Users Groups Shar Click a gies to launch the Scan Profiles Manager Users Groups The Scan Profiles Manager Users Groups shows the list of available profiles J Scan Profile Manager Users Groups Tou can setup Scan Profiles Users Groups to scan a subset of users in servers and save these profiles for repeated use This window lists available profiles Click New to create a new profile Click Edit to modify selected profile Click Delete to delete a profile Click Preview to view the contents of a profile Frequent Checks Restricted sers Roaming Users New Edit Delete Preview The Scan Profiles Manager allows you to perform the following operations e Create a new Scan Profile Users Groups e Edit an existing Scan Profile Users Groups e Delete a Scan Profile Users Groups e Preview the list of users and groups in a Scan Profile Users Groups Create a new Scan Profile Users Groups 1 To create a new Scan Profile Users Groups click New 2 Follow the steps as ou
225. hared folder This option will view permissions from sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Next to proceed to the next step Step 3 Select User Group Accounts This step is optional Use this step to select user and or group accounts for which you like to view the explicit permissions for folders files Security Vulnerabilities List of all explicit permissions for folders Step 3of3 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the explicit permissions on files folders Account name Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile Selected Accounts Account Name Account Type BUILTIN Administrators Local Group UILTIN Backup Operators Local Group LTIN Guests Local Group BUILTIN Print Operator
226. hared folder file permissions to the selected target shared folder s file s permissions list Replace existing accounts permissions with the new permissions How to to a target shared folder file and files How to Copy permissions to the target object s subfolders and files that do not have inherited permissions from its parent object with respect to the above options Remove all existing accounts that have explicitly assigned permissions for target shares and Replace all explicit permissions existing in descendant with the inherited permissions from the current object How to Remove explicitly defined permissions on all descendant objects and replace them with the inheritable permissions from the target shared folder s file s permissions list Allow inheritable permissions from the parent object to the target shares It will not affect the already existing explicit permissions Copy and Remove the inheritable permissions from the parent object to the target shares Copying the inheritable permissions will add the inherited permissions as explicit permissions in the target shares permissions list Removing the inherited permissions will remove all the inherited permissions from the parent to the target object 440 Chapter 4 NTFS Security Manager How to replace existing accounts permissions with the new permissions The Copy Permissions feature allows you to replace the existing accounts permissions If the exi
227. hares Folders and Files a8 shares and Resources tion under Power Export This will bring up the Power Export Wizard Step 1 Report Selection i Power Export Built in Reports Step 1 of Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files List of permissions for files B List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files E List of effective permissions for specific users and groups on folders E List of effective permissions for specific users and groups on files 308 Chapter 4 NTFS Security Manager 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 User and or Group Selection ort Built in Reports step 2 of f User Group Selection Select a server or a Scan Profile Computers or a Scan Profile Users Groups to retrieve available users and groups from Report Name List of effective permissions for specific
228. he Dor Rule Hame Rule Condition User Mame Security Mame Mame Type wWwINIZ Dept policy Probected MORESOURCE Confidentiality 88cfclPade3925c6 2000 Built in Administrators ReadandExecute Read ndExed Domain Policy Access Department RESOURCE Confidentiality MS 3000 Finance policy Protected MORESOURCE Confidentiality 88cfclPade3925c6 2000 Finance Departr RESOURCE AccessAllowed 68cFe092262dF9b3 1 Readdndexecute Write Chang proposed Protected RESOURCE Confidentiality G8chclFades925c6 2000 Department RESOURCE Confidentiality MS 3000 gt 116 Chapter 3 NTFS Security Auditor How to check the shared folders and subfolders affected by DAC policies Folders affected not affected by DAC Central Access Policies DAC Reports Click on button The DAC Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time DAC Reports Step 1of3 Select Report Select a report from the available DAC Reports E E Description DAC Reports Select a report from the Effective DAC permissions for specific users and groups on folders avaiiahlc vip Reports sete Effective DAC permissions for Accounts having permissions on specific folders see List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC
229. he NTFSSecurityManagementSuite2014 database separate tables will be created for each installation of NTFS Security Management Suite 2014 The table names will be prefixed with the computer name that is running NTFS Security Management Suite 2014 application Thus each installation of NTFS Security Management Suite 2014 will deploy its own tables based on the computer where NTFS Security Management Suite 2014 is installed For example if you install the software on 3 different computers single database with 3 different tables will be created inside the single database and each installed application will generate reports separately independent of each other NTFSSecurityManagementSuite2014tmpSchdulelnfo database will be created in the SQL server for scheduled tasks 2 Use a separate database for each instance of the application O NTFS Security Management Suite 2014 module creates a single application database in the default data storage location used by the SQL Server during application launch NTFS Security Management Suite 2014 uses the following naming convention NTFSSecurityManagementSuite2014 lt COMPUTERNAME gt where COMPUTERNAME is the name of the computer running NTFS Security Management Suite 2014 NTFSSecurityManagementSuite2014tmpSchdulelnfo lt COMPUTERNAME gt database will be created in the SQL server for scheduled tasks For example if the computer running the NTFS Security Management Suite 2014 is CLIENTO1 NTFS Secu
230. he View option Then click Show History button The Modify Permissions history will be displayed as shown below 512 Chapter 6 Scan Profiles Manager Q Refresh Export E E mail Generated on 29 May 2015 04 57 22 PM Status Success Task Name ae and kiiva Share Path Pemissions i pi Selected Options lt Modify permissions Old account VOY 5 6 2015 5 01 17 Pl Old account i eae ee ee Ee o ee 5 6 2015 4 47 42 Pl vsspro peter WRDS0 NTFS Share Allow This folder sub T B F Select required From and To dates Select Copy Account Permissions in the View option Then click Show History button The Copy Account Permissions history will be displayed as shown below Q Refresh p3 Export Eyl E mail Generated on 79 May 2015 05 26 08 PM Status Success Date and Time Access Apoly Selected i Task Nene Account Name Share Path Pemissia Type To Options Task lt Copy Account permissio 5 29 2015 5 25 51 Copy Permissions From voyager robij rd40 test Pf er Task t 5 29 2015 5 25 25 Copy Permissions From voyager glor rd40 test ii T Task 513 Chapter 6 Scan Profiles Manager How to view Central Access Policies Change History The Change History feature allows you to view central access policies change history of NTFS Security Manager You can view central access policies change history between specific date interval by selecting From and To dates By default it shows the histor
231. he list of saved Power Search reports Select a saved search report trom the list of saved searches to proceed click Edit to edit the search settings Delete to delete the search Run to generate the search report View Details to view the search settings summary Search Name Search Description User Access Check Search Name User Access Check Selected shares folders files gt WRDIO NEW TEST FOLDER gt WRDIO NEW TEST FOLDER SHARE gt RDIO Nts test folder permissions gt RD10 Test folder permissions Access Control Type gt Allow gt Deny Basic Permissions Road and Evariite flict Enldor Cantante 170 Chapter 3 NTFS Security Auditor Compare ACLs About Compare ACLs How to ACLS of Folders How to Compare ACLs of a folder with exported ACL data of another folder 171 Chapter 3 NTFS Security Auditor About Compare ACLs Compare ACLs allows you to compare the inherited and explicit permissions of the shared folders Select any one of the following options to compare folder ACLs Compare ACLs of folders Compare ACLs of a folder with exported ACL data of another folder 172 Chapter 3 NTFS Security Auditor How to Compare ACLs of folders This option in Compare ACLs features allows you want to compare all inherited and explicit permissions of two different shared folders This option will compare only those sub folders that are available in common by name i
232. he password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step a ee 253 Chapter 3 NTFS Security Auditor Step 7 Summary T i Step f of 7 Summary Click Finish to sawe the task details List of permissions C Wsers Public Doc for SMC users me aa Pe ba a Security and groups on Click hereto view Click here to view Management Suite folders 2014 Export Folder 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 254 Chapter 3 NTFS Security Auditor List of permissions for folders This report allows you to view the associated folder permissions for a set of folders TSTMS Ss i Permissions Select af Shares Folders and Files 28 Shares and Resources the Power Export Wizard Step 1 Report Selection x Power Export Built in Reports Step 1of7 Report Selection Select the desired report to proceed Only one report can be selected in this category B List of permissions for specific users and groups on folders E List of permissions for folders E List of permissions for specific users and groups on files List of permissions for files E List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders ve E List of effective pe
233. his folder subfolders and files Apply these permissions to objects andor containers within this container only e The updated advanced permissions for the selected account as shown below Cancel 437 Chapter 4 NTFS Security Manager ET SS OS MnO EI Accounts Basic Permissions Permissions Allow Deny E Add Domains Refresh ADVENTURE alec Full Control Pd lt No Share Profile found Configure ADVENTURE Martin Modify ADVENTURE alex Read and Execute List folder 6 4 ADVENTURE ADVENTURE Robin Read 3 Lay Domain Controllers ADVENTURE Richard Write d e RD49 BUILTIN Administrators Special permissions BD wue NT AUTHORITY SYSTEM iene E EAR E wona List Folder Read Data E WRD49 Address Accounts Advanced Permissions Pead Attributes fad WAD49 admin folder Account Name ACEType Inherited Read Extended Attributes EE WRD4S ADMINS ADVENTURE alec N Create Files Write Data fae WRD49 basic per ADVENTURE Martin Create FoldersAppend Data EE WRD49 Bulk Test folder ADVENTURE alex Allow Write Attributes Pg WRD49 Bulk test foldert ADVENTURE Rabin low N Write Extended Attributes pE ARDAS BulkTestivithOu ADVENTURE Richard Hwy J Delete Subfolders and Files fad WRD49 CS BUILTIN Administrators Allow s Delete EE WRD49 DS NT AUTHORITAS YST Allow 3 Read Femissions Ea WAD4S ES ADVENTURE adminuser Allow e Change Permissions ae WRD4S E ff supp folder a a Curent owner BUILTIN Administrators
234. ick on Find Button By default NTFS Security Management Suite adds an asterisk as a suffix to the specified search criteria if no wildcard character is present in it In this case NTFS Security Management Suite finds a match in the report for all fields that have the text Domain followed by zero or more characters that is Domain Domain Controllers Domain Admins etc For all the matches found NTFS Security Management Suite highlights the corresponding columns in the grid and scrolls the grid automatically to the first occurrence 4 NTFS Security Management Suite finds additional occurrences of the specified search criteria instantaneously To locate other occurrences of the same search criteria in a report you need to scroll the report grid downwards 527 Chapter 6 Scan Profiles Manager 34 Domains Shares PATHFINDER fos x Refresh Export F Filter E Customize Egy E mail Find E S E Enterprise DOMAINS ll ADVENTURE Host Mame Share Mame User Mame Security Masimu Comir Ga DISCOVERY Uses fay PATHFINDER RD45 ADChangeTracker F Bharath W0Chand sys ele Allow Full Control Unlimited 2 fm VSSPRO Address Program FilestExcEweryone Allow Fead Unlimited ACCE a vYAPINLAB BUILTIN Administ Allow Full Control Unlimited Acce PATHFINDER ED Allow Full Control Unlimited ACCE ADMIN CAMINDA Admin Share Unlimited Remot Bharath Source Coo F Bharath Bharath PATHFIMDERVSD Allo
235. idation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select the error information that needs to be highlighted 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 304 Chapter 4 NTFS Security Manager 4 You may also select Include group members information for include members of a group and their sub group members at all group levels in the report 5 Click Next to proceed to the Next step Step 4 Delivery Options 1 Change the Export or Print or E mail settings as necessary Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below Additional E mail Settings 2 You can customize the SMTP Server From and To Pr address Subject and body of the e mail message SMTP Server RD30 From Jamie researchlab com To Micheal reseachlab com Subject Reports generated by NTFS Security Manage
236. ied export path All selected Reports will be exported to a time stamped sub folder in the format yyyy mm dd hh mm ss under the task name folder Therefore the full folder path for all the exported reports refers to the following directory lt Export path gt lt Task name gt lt Time stamp gt d A separate file will be created for each report in the desired file format For example in the HTML file format each report will be created as a html file Note NTFS Security Auditor Power Export Wizard will help you create and store the settings for a task which you may view or modify later using the Scheduled Tasks Manager The task will be created with the settings Schedule Type and Run As parameter provided using the Power Export Wizard A valid password must be specified for the Run As parameter of the task You can schedule the two types of reports Shares Folder and Files report and Built in report available in NTFS Security Auditor 228 Chapter 3 NTFS Security Auditor Scheduled Tasks Manager The Scheduled Tasks Manager allows you to perform the following operations e View summary information for the tasks created e View exported files of the task e Edit an existing task e Delete a task View summary information of a task The pane on the left hand side in the Scheduled Tasks Manager window lists the tasks maintained in NTFS Security Auditor To view summary information of a task select the desired task on the lef
237. ies Principal Access VOYAGER Michael File All Access Full Control YOTYAGEA adminuserd Read ndE secute Back Next Cancel e Select the Central Access Policy from the list of Central Access Policies After you select the Central Access Policy a list of Central Access Rules that are members of the selected Central Access Policy will appear in the tree view You can view the details of the Central Access Rules by selecting the Central Access Rule from the tree view e Click Next to proceed to the next step Step 4 Save as template Enter a name and description to save the input settings as a template You can reuse this template later How to reuse the Revoke CAP template 489 Chapter 4 NTFS Security Manager Revoke Central Access Policy Step 3 of 4 Save as Template Optional Enter a name and description to save the input settings as a template You may reuse this template later Template Marne Revoke CAF Sample Back Next Cancel Step 5 Selection Summary This step displays the summary of data selected to Revoke CAP and you can also view and export the existing central access policy before changes are applied by clicking on the Export Current Central Access Policies button 490 Chapter 4 NTFS Security Manager Revoke Central Access Policy Step 4 of 4 Summary Report Shows the details of all the inputs provided in the wizard Selection Summary Selected Revoke Mode Revoke a central access
238. ies to Descriptions Permigsian entries Type Principal Back Next Cancel e Click Change to view available Central Access Policies that can be applied to the selected shared folders files Note You must be a member of the selected shares domain and connected to the shares from a domain authenticated session to view Central Access Policy information 476 Chapter 4 NTFS Security Manager Apply Central Access Policy Wizard Step 2 of 4 Select Central Access Policy Select a Central Access Policy to apply to the sharetsi Folder si Click Change to view available Central 4ccess Policies that can be applied to the selected objects Central Access Policy The following Central Access Rules apply Central Access Rules FinanceD ocumentA ule Applies to RESOURCE Department MS Finance Descriptions Permigsian entries Principal ACCESS VOYAGER Michael File All Access Full Control VOYAGER Mita Read Write Back Next Cancel e Select the Central Access Policy from the list of Central Access Policies After you select the Central Access Policy a list of Central Access Rules that are members of the selected Central Access Policy will appear in the tree view You can view the details of the Central Access Rules by selecting the Central Access Rule from the tree view e Click Next to proceed to the next step Step 3 Save as template Optional Enter a name and description to sa
239. if Saved Search button under Power Search The Power Search window will be displayed as shown below Step 1 Select Shared Folder s Files Select one or more servers to enumerate its Shared Folder s Files Deayver Search Wiesare Deresieciane PACITY POWEr Search vezar a MISSIONS LALL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default me properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level e a Satie ame Permissions as m 159 Chapter 3 NTFS Security Auditor Power Search Wizard Permissions S4CL Step 1 of 4 Select Sbseed Enaldarfci _ File Enter the full pati paths from a texi y properties for sca jew and select Shares and Folders available from computers displayed below Share Folder UNC Domain Controllers d RD10 C WRD10 aDMINs LJ Romes L RD10WETLOGON WARD LOWEW TEST FOLDER WRD10 MEW TEST FOLDER SHARE VAD 10 Ntfs test folder permissions _ WRD10 WTFSTESTFOLDER 3 L Web 10 sysvoL E YRD 10 Test folder permissions E YRD 10 TestShareFolder VRD10
240. ific users and groups aes Shares and Resources Click on button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of permissions for specific users and groups on folders Step 1of3 Select Report Select a report from the available Built in Reports Description S Permissions 5 JE E This repor lists the folder List of permissions for specific users and groups on folders permissions assigned to a List of permissions for folders Specific user group account List of permissions for specific users and groups on files E List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step 35 Chapter 3 NTFS Security Auditor Step 2 Select User Group Accounts Select user and or group accounts for which you would like to view the permissions for folders files Built in Reports List of permissions for specific users and groups on folders Step 20f3 Select User Gr
241. ile Shares and Resources Shares RESEARCHLAB RD30 4 Click Next to proceed to the next Step 236 Chapter 3 NTFS Security Auditor Step 3 Delivery options z Power Export Shares Folders and Files Step 3 of 5 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format ywyyy mn dd hh mm ss under the task name folder Export Type Export Export Path C Wsers Public Documents NTFS Security Manageme Micheal Reseachiab com E mail Settings Compress the attachment Hote This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below 237 Chapter 3 NTFS Security Auditor subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Secunty Management Suite 238 Chapter 3 NTFS Security Auditor Step 4 Schedule Settings A Fower Export Shares Folders and Files Step 4of5 Schedule Settings Enter a unique task name and specify ts schedule settings Task Name Standard Reports Task
242. iles Step 2 Check Allow inheritance e Check the option Allow inherited permissions from the parent to propagate to this object Permissions Modifier Grant permissions Accounts Basic Permissions Permissions g Add Domains Refresh ADVENTURE alec gea No Share Profile found Configure ADVENTURE Martin Domwans ADVENTURE alex i ADVENTURE ADVENTURE Robin 5 88 Domain Controllers ADVENTURE Richard h apes H E Raa NTFS Security Manager Eal ma WRD49 22 fd WRD49 Address Are you sure You want to allow the inherited permissions from the parent to H E WRD49 admin folder propagate to this abject ff WRD49 ADMINS EE WAD49 basic per ES WRD4S9 Bulk Test folder ff WRD49 Bulk test foldert ADVENTURE Robin Allow No i af WRD45 BulkTestwithOu ADVENTURERichard Allow No sf WRDASICS sg WRD4SVDS fal WAD4SKES Gee WRD4S E ff supp folder H E WRD4S ExchangeOAB C a Allow Inherited permissions from the parent Wr feet WRDASIFS to propagate to this abject Poi ob oo DET wenaees See eer Select Apolo itian Curent owner BUILTIN Administrators Select Applyonto option e Click Yes to allow inheritance e The updated permissions list with inherited permissions from the parent object as shown below 428 Chapter 4 NTFS Security Manager Share Folder path Accounts Basic Permissions Permissions Add Domains Refresh ADVENTURE alec o No Share Profile found Configure
243. iles You can create data subsets for your network using powerful scan options and meaningfully segment your entire network for data collection reporting and managing Chapter 1 General Information System Requirements For the computer running NTFS Security Management Suite 2014 Disk space amp Memory 512 MB RAM and minimum of 30 MB of free disk space Operating System Windows 8 1 Windows 8 Windows 7 Windows Vista Windows XP Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 with NET Framework 4 0 or higher with the latest service packs Database Microsoft SQL Server 2012 Enterprise Standard Developer Express edition or Microsoft SQL Server 2008 Enterprise Standard Developer Express edition or Microsoft SQL Server 2005 Enterprise Standard Developer Express edition running in local remote computer with latest Service Pack For the computers reported and managed by NTFS Security Management Suite 2014 Windows 8 1 Windows 8 Windows 7 Windows Vista Windows XP Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 Windows Server 2008 R2 Windows 2003 Chapter 1 General Information How to purchase You can purchase NTFS Security Management Suite 2014 online from our website http www vyapin com Please contact our Sales department at sales vyapin com for sales and price related queries Cha
244. in share htm gt How to enumerate shared folders files Step 2 Uncheck Allow inheritance e Uncheck the option Allow inherited permissions from the parent to propagate to this object Permissions Modifier Grant permissions Accounts Basic Permissions Permissions Allow Deny g Add Domains Q Refresh ADVENTURE alec lt No Share Profile found Configure SOVENTURE Martin Domains ADVENTURE alex Lay ADVENTURE ADVENTURE Robin d Domain Controllers Security cl E apse BE wmo ve To copy the permission entries that were previously applied ARDS Address from the parent to this object click Copy Selecting this option means that the parent permission entries that apply to child objects will no longer be applied to this object k Ee MRD49admin folder To remove the permission entries that were previously applied T aaan from the parent and keep only those permissions Explicitly be ee defined here click Remove H E WRD49 basic per EL WRD4S Bulk Test folder J EF WRD49 Bulk test foldert A E WRD49 BulkTestwithOu To cancel this action click Cancel fee WRD4SCS Hak WRD4SIDS NT ALITHORITY SYST Allow Yes i faa WRD4S ES ADVENTURE adminuser Allow Yes i Ee WRD4S Eff supp folder H E WAD49 ExchangeOAB i a ee Allow Inherited pennissions from the parent H fal WRD4S F 3 E to propagate to this object H ER WRAN Curent owner BUILTIN Administrators PPY omo Select Applyonta option
245. inus Explicitly assigned Traverse Folder Execute File PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup4 gt PHOENIX TestGroup group PHOENIX TestGrou Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup5 gt PHOENIX TestGroup group Explicitly assigned Traverse Folder Execute File BUILTIN Server Op Alias Explicitly assigned Traverse Folder Execute File E 68 Chapter 3 NTFS Security Auditor List of effective permission for users and groups on files This report lists the effective permissions for users and groups assigned to files available in a set of folders aes Shares and Resources Click on button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of effective permissions for users and groups on files Step 1of2 Select Report Select a report from the available Built in Reports Description This report lists the effective permissions for users and E List of permissions for folders groups assigned to files available in a set of folders a 4 Permissions List of permissions for specific users and groups on folders List of permissions for specific users and groups on files E List of permissions for files List of all permiss
246. ion or by selecting computers From the network Or you may select specific versions of Windows Profile Mame Research Computers Profile Select computers From network Select specific Windows version s Import list of computers From text File Import list of IP addresses From text File File CiUsersVdministratorDesktopvvorkStationsList txt Mote The file should contain valid IP addresses wih each entry in a separate Click here to views a sample Import Verity Imported OK Cancel i Select Import list of IP addresses from text file option ii Click browse button to select a file that contains the list of IP addresses to be imported iii In the Select File dialog that shows up select a text txt file and then click Open V Click Import button to import the list of IP addresses from the selected file 534 Chapter 6 Scan Profiles Manager Note o The text file should contain valid IP addresses with each entry in a separate line as shown below sample IP Address List 18 10 10 53 10 10 10 56 160 10 10 255 o During the import process each IP address will be translated to a corresponding computer name Hence only valid entries will be imported To view the list of entries imported click Verify Imported List button The list of IP addresses and their corresponding computer names will be displayed as shown below Entries Imported This window shows the lisk of entries impo
247. ions j Bosd and Evoriito fl ict Enldor Onantontec 507 Chapter 6 Scan Profiles Manager Change History About Change History How to view Permissions Change History How to view Central Access Policies Change History 508 Chapter 6 Scan Profiles Manager About Change History The Change History feature lets you view the Permissions and Central Access Policies change history of NTFS Security Manager with the specified date interval For more information about Change History follow the links given below How to view Permissions Change History How to view Central Access Policies Change History 509 Chapter 6 Scan Profiles Manager How to view Permissions Change History The Change History feature allows you to view permissions change history of NTFS Security Manager You can view permissions change history between specific date interval by selecting From and To dates By default it shows the history of last 30 days You can view permissions change history of specific task by selecting task name in the View option Central Access Policies Click on button in the toolbar The Change History window will be displayed as shown below You can view Permissions Change History in one of the following ways e Grant Permissions History e Revoke Permissions History e Copy Permissions History e Modify Permissions History e Copy Account Permissions History Change History Refresh p3 Exp
248. ions button That will show up a window as shown below Folder Options Folder Path MaE M Incdude sub folders E Traverse only 1 jevel s of sub folder in the shared folder F Apply this setting to all folders in list Cancel 5 Modify the folder options as required and click OK 6 That will show up a window as shown below Exclude Accounts Exclude the following accounts IM Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITYSYSTEM E BUILTIN Users 7 Select the accounts for which you want to exclude and click OK If you want to exclude specific accounts select Exclude Accounts option Click Accounts button 8 You can use Customize option to exclude some of the fields from the report as displayed below 285 Chapter 3 NTFS Security Auditor Full Path Folder Path Sub Folders Owner User Group Name Account Type Type Inherited amp Explicit Effective Permissions 9 Select the customize options as required and click OK 10 Click Next to proceed to the Next step 286 Chapter 3 NTFS Security Auditor Step 3 Additional report settings A Power Export Built in Reports Step 3 of 6 Additional report settings Select additional report settings Additional Report Settings Validate for Errors Generate report ignoring any errors foun
249. ions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step 69 Chapter 3 NTFS Security Auditor Step 2 Select shared folders Select one or more servers to retrieve available shares Step 2of 2 Select serve c Enter the tull path of a Share folder paths from a text file properties for scanning each Share Folder UNC Path Scan Profile Shares de Add Domains 70 Chapter 3 NTFS Security Auditor Built in Reports List of effective permissions for users and groups on files Step 2o0f 2 Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares caii a Profile ri Folder Path Indude sub folders Folder level VRD 10 NETLOGON me VRD10 NEW TEST FOLDER True WRD 10 WEW TEST FOLDER SHARE True YRD 10 NTFSTESTFOLDER True jj Bo not display files that h
250. ire network Security Viewer Click on button The Security Viewer window will be displayed as shown below Step 1 Select folder file path Select folder file path by using an option below 124 Chapter 3 NTFS Security Auditor Permissions Scan Profiles Computers PE Mo Profile found Configure using J Scan Profiles Shares m Sample Shares a Allow Inherited permissions from the parent Apply these permissions to objects and or to propagate to this object containers within this container only Select Local Drives and follow the steps below e Select and traverse one or more directory to enumerate its subfolders and files e Select a directory or subfolder file path 125 Chapter 3 NTFS Security Auditor Share Folder path Accounts Basic Permissions Permissions Local Drives BUILTIN S Administrators Modify ite AS WIM 2 administrator Read and Execute List folder cont 7 ie Ci WIN 24bestuserl Read WIN 2 testd Write NT AUTHORITY SYSTEM Special permissions J Ef Admin Folder CREATOR OWNER J Confidential Share BUILTIN Users oSee8e82 slelelelele ad Debug Accounts Advanced Permissions _ DockiT Account Name ACEType Inherited Permissions folder Everyone Allow Ho __ Prathap BUILTIN Administrators Allow No _ Test WIM 2 administrator Allow No Test folder for NTFSSA Wilh 2testuserl Allow J Testfolder WIN test4 Alloy
251. isplayed as shown below Here is the list of ways you can enumerate the shared folders files in the network e Scan Profiles Computers e Scan Profiles Shares e Domains e Local Drives Share Folder path ermissions Accounts Basic Permissions Permissions Allow Deny E Add Domains a Refresh Scan Profiles Computers A share Server Scan Profiles Shares c Public Shares Domains H E Local Drives Accounts Advanced Permissions Account Name ACEType Inherited Select Apphyonto option 414 Chapter 4 NTFS Security Manager Select Scan Profiles Computers and follow the steps below e Select one or more servers to enumerate its shared folder file e Select a shared folder file path Grant permissions Accounts Basic Permissions Permissions Q Add Domains Refresh DISCOVERY abraham Scan Profiles Computers BUILTIN Administrators S A Share Server F DISCOVERY Domain Admins c DISCOVERY DISCOVERY adminuser ADAG DISCOVERY test i ES WRD48 nokia DISCOVERY test4 EE WRDeS ARKAD Screen Shol NT AUTHORITY SYSTEM J E WRDABICS 7 2 Ee Accounts Advanced Permissions fae WRD46 Share AccountName ACETyp Inherited J E WRD46 ExchangeUM DISCOVERY abraham Deny Ba WRD4E Effective BUILTIN Administrators Allow af WRD46 BMW share folder DISCOVERY Domain A Allow jae WRD46 Resources DISCOVERY adminuser Allow EE WAD4S ExchangeQAB DISCOVERY abraham Allow EE WAD46 test f
252. issions Accounts Basic Penmissions Permissions E Add Domains Refresh ADVENTURE alec Full Control i No Share Profile found Configure ADVENTURE Martin Modify Domains ADVENTURE alex Read and Execute List folder i ADVENTURE ADVENTURE Robin Read c i Domain Controllers ADVENTURE Richard Write oi apes BUILTIN Administrators Special permissions jag WAD4ON2 NT AUTHORITY SYSTEM Traverse Folder Execute File a WRDaAg22 List Folder Read Data EE WRD49 Address Accounts Advanced Permissions Read Attributes E8 WRD49 admin folder aS AE Eor alaaa Read Extended Attributes E WRD49ADMINS ADVENTURE alec Allow No Create Fies Wrte Data ES WRD49 basic per ADVENTUREMartin Allow No Create Folders Append Data E8 WRD49 Bulk Test folder FNS stare Allow No Write Attributes fg WRD49 Bulk test folder ADVENTURE Robin Allow Write Extended Attributes BE ARDA M BulkTestWithOu ADVENTURE Richard Allow Mo Delete Subfolders and Files EE WRD4S CS BUILTIN Administrators Allow Yes Delete fag WRD49 DS NT AUTHORITYSSYST Allow Yes Read Permissions FE WAD49 ES ADVENTURE adminuser Allow Yes Change Permissions EF WRD4S Eff supp folder ae foe WRD49 ExchangeOAB 5 Allow Inherited pennissions from the parent fad WROSIFS to propagate to this object es Sots aaa Cancel SERRE EREABSSESS ABBA HEE EEEREEEEREEAR SEABEAAB Curent owner BUILTIN Administrators Apely onto ihiz foida subtler ond fies x A
253. issions from one share to another share s 443 Chapter 4 NTFS Security Manager How to replace all explicit permissions existing in descendant with the inherited permissions from the target object The Copy Permissions feature allows to remove explicitly defined permissions on all descendant object and replace them with the inheritable permissions from the target shared folder s file s permissions list aha Copy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy permissions from one share to another share s e In step 4 select the option Replace all child objects existing permissions with the inheritable permissions from this object Copy Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s fle s permission list Assignment Rule Copy the selected pemissions to the existing permissions list f the selected account already exists in the permissions list Add the new pemissions to the account s existing permissions Ci H Replace the account s existing permissions with the new permissions oe E Also apply the above to subfolders and files that do not have inheritance set nonanherted folders and files io 6 Remove all existing accounts and replace with the selected accounts and permissions oo Replace all child object existing per
254. issions report You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below 302 Chapter 4 NTFS Security Manager Folder Path WROD 10 TestShareFolder Indude sub folders Traverse only i level s of sub folder in the shared folder or Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 If you want to exclude specific accounts select Exclude Accounts option Click Accounts button That will show up a window as shown below Exclude Accounts Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users E NT AUTHORITY SYSTEM E BUILTIN Users 7 Select the accounts fo
255. ist The Modify Permissions feature allows you to replace an existing account with single or multiple accounts by retaining the same permissions in the permissions list You can replace accounts on specified levels of sub folder and also replace accounts on sub folders that match the specified search pattern Modify Permissions Click on button The Modify Permissions window will be displayed Step 1 Select folder file path e Follow the list of options to enumerate the shared folder file as outlined in How to enumerate shared folders files Step 2 Select an account and click Replace e Select an account from the Basic or Advanced permissions account list e Click Replace button The Accounts Selection window will be displayed as shown below Permissions Modifier Grant Permissions Accounts Basic Pennissions Permissions E3 Add Domains amp Refresh PHOENIX sam Full Control F F Scan Profiles Computers a PHOENIX Test group Modify H Accounts Selection Select User Group Account s Select the user andor group accounts for which you would like to Replace the permissions on Shares folders Account name eP Add to list oO Accounts from domain server Browse and Select O A A AA O Accounts from Scan Profiles Users Groups Select a Profile Selected Accounts E Replace accounts on subfolders E Include files present inside folders Replace Cancel A RE H T SPACENFT A 419
256. istrators Allow Curent owner BUILTIN Administrators i WANR Perminsions Allow Inherited pemissions from the parent k to propagate to this object 130 Chapter 3 NTFS Security Auditor Accounts Basic Permissions Permissions Allow BUILTIN Administrators _ Full Control DISCOVER Domain Admins Modify DISCOVERY Enterprise Admins Read and Execute List folder con DISCOVERYIUSR_RD46 DISCOVER MailUser1 DISCOVER adminuser DISCOVERY abraham DISCOVERY test c DISCOVERY SE Domain Controllers 2 Rose EE WRD46 nokia EE WRD46 ARKAD Ser ES WAD4E CS SsSO0 Special pemissions Traverse Folder Execute File List Folder Read Data Read Attributes Read Ettended Attributes Create Files Wrte Data fed WRD46 Share folde fe WRD46 s0ny fad WAD46 test group EE WRD46 new fee WRD46 Exchangelll BUILTIN Administrators Allow DISCOVERY Enterpris Allow DISCOVERYMUSR_R DISCOVERY MailUser1 DISCOVERY adminuser Create FoldersAppend Data Write Attributes Write Extended Attributes Delete Subfolders and Files Delete ES WRD4ENE ffective EE WAD4E BMW share EE WAD46 Example E8 WRAD46 Resources EE WRD46 Exchanged ae Allow Inherited pennissions from the parent EV nt to propagate to this obj a DISCOVERY abraham Allow Read Permissions DISCOVERY test Allow Change Permissions BUILTIN Administrators Allow Take Ownership JOBE RERARARARAAR EAA AAM 7 0 Aoo A SSS Sess C
257. it Folder Options Folder Path MaA Include sub folders E Traverse ony S F Apply this setting to all folders in list 62 Chapter 3 NTFS Security Auditor Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below Q Refresh 3 Export P Filter 54 E mail Report Name List of all permissions for folders Inherited amp Explicit Generated on 09 Jun 2014 05 00 08 PM Folder Path Sub Folders Owner User Name t ssa yi Security Inherite Apply To Type Inherited amp Explicit E RD10 NETLOGON NETLOGON BUILTIN Administr CN Administrator User active Allow Full Control No Subfolders andfile Inherited from BUILTIN Administrators gt PHOEND Enterprise Admins Inherited from BUILTIN Administrators gt PHOEN X Enterprise Admins Traverse Folder amp No This folderonly Inherited from BUILTIN Administrators gt PHOEND Enterprise Admins j Inherited from BUILTIN Administrators gt PHOEN X Enterprise Admins CN adminuser1 User Active Allow Full Control No Subfolders andfile Inherited from BUILTIN Administrators gt PHOENTX Enterprise Admins Inherited from BUILTIN Administrators gt PHOEN X Enterprise Admins Inherited from BUILTIN Administrators gt PHOENIX Enterprise Admins Traverse Folder 5 No This folderonly Inherited from BUILTIN Administrators gt PHOENIX
258. ive mode The way in which a Scan Profile is applied and the data collection methodology adopted slightly differs in interactive mode from off line report generation mode using Power Export Tool The data collection methodology adopted also depends on the type of Scan Profile applied static or dynamic to the report For instance if a Scan Profile is associated with multiple domains in interactive mode data will be collected only for computers that belong to the currently selected domain On the other hand if there are no computers to be found for the currently selected domain in the applied profile the report data will not be collected at all This is likely to happen if the currently selected domain was not included in Scan Profile if it is a static profile or the Scan Profile includes a Windows version filter say Windows XP computers only and the domain does not have any computers running Windows XP In addition in interactive mode there are differences on how Scan Profiles are applied to Domain based Reports and Server based Reports Scan Profiles and Domain based Reports In interactive mode for domain based reports you can apply a Scan Profile by using the Scan Option Dialog The report will be generated for the list of computers in the applied Scan Profile for the currently selected domain as mentioned earlier Scan Profiles and Server based Reports 538 Chapter 6 Scan Profiles Manager Pn a Scan Profiles Comput
259. j s6 Export Eyl E mail From 7502013 ol To e 12013 El View Apply CAP W Show History Generated om G4 2015 2 19 36 Phl Status Success Task Mame Date and Time Share Path Policy Mame nari Task Status lt Apply Central Acce 6 1 2013 2 16 46 PI rd Test Folder MTFS Team 4oply to all the sub Task Completed Successfully Bf 1f2013 2 16 10 PI rd81 NTFSSM Test Finance Apply to all the sub Task Completed Successfully BI 1f2013 12 53 29 f rd40 Testing CAP test Task Completed Successfully Bf1f2015 11 30 08 ird40 NTFS Testfinance Task Completed Successfully FIS1 2013 6 24 12 Frd40 NTF554 Shar Policy For countries Apply to all the sub Task completed with the Following errors Errors Access bo the path Vird40 NTF554 Share RibbonControlsa FiS1 2013 5 33 45 Frd40 NTFSSM Test Project CAP Apply to all the sub Task Completed Successfully FISOf2015 3 38 53 brd40 NTFS54 Shar Policy For countries an Task Completed Successfully Select required From and To dates Select Revoke CAP in the View option Then click Show History button The Revoke CAP history will be displayed as shown below Q Refresh 3 Export Ea E mail From 7 a203 E To THATS El iew Revoke CAP w Showe History Generated on 74 72013 2 40 38 PM Status SUCCESS Task Mame Date and Time Share Path Policy Mame o Task Status Revoke Central Ad 7 17 2013 2 36 37 Pird40NTFS554 Shar No Central Access P Revoke a central ad Task Completed Successfully F
260. l Select explicit permissions only Select inherited permissions only i Account Name DISCOVERY admin DISCOVERY test DISCOVERY test BUILTIN Administrat DISCOVERY admin CREATOR OWNER E NT AUTHORITYS BUILTIN Users BUILTIN Users BUILTIN Users Allow Allow Allow Allow Allow Allow Allow Allow Allow Allow CreateFiles AppendData Modify Modify FullControl Read ndExecute FullControl FullControl CreateFiles Append Data Read ndExecute ls Inherited False False False True True True True True True True Apply To This folder subfolders and files This folder subfolders and files This folder subfolders and files This folder subfolders and files This folder subfolders and files Subfolders and files onhy This folder subfolders and files This folder and subfolders This folder and subfolders This folder subfolders and files e Use Select inherited permissions only option to select only inherited permissions from the source shared folder file permissions list 454 Chapter 4 NTFS Security Manager Step 3 of 6 Select Permissions Access Control Entries The following list displays the Permissions access control list of source Share folder Select the permissions to copy to the target share s folder s E Select All E Select explicit permissions only Select inherited permissions only Account Name Access Type Secunty ls Inherited Apply To E DISCOVERY admin
261. late Name Sample task tor Revoke CAP Selected Revoke Mode Revoke a specific CAP from selected shares and folders Apply to all the sub folders Selected shared folder s file s 1 Wwo40 NTFSSM Test folder Selected central access policy Finance View Details Close Clase 494 Chapter 4 NTFS Security Manager Power Search About Power Search How to view Power Search Permissions DACL Reports How to manage Power Search 495 Chapter 4 NTFS Security Manager About Power Search The Power Search feature lets you perform powerful conditional Search queries of NTFS Permissions on Files and Folders You may select specific permissions from the list of standard permissions and Advanced special permissions and run a query to determine who have these permissions on which folders and files You may Save frequently used queries for reuse them later Here are some examples of how you may make effective use of this feature Search on who has Full Control on which folders and files Select a set of accounts and determine for which folders and files they have Full control access Determine which accounts have modify or delete permissions on critical files and folders Determine what type of permissions members of the Administrators group have on specific folders and files Determine where Inheritance from Parent folder has been explicitly removed Determine Accounts for which folders have explicit Allows or Denys set
262. lder Mast Apply tnis seting toa folders init Click OK to proceed Click Finish to generate the selected report 121 Chapter 3 NTFS Security Auditor After the data collection process is complete the report would be generated in a report window as shown below iy Refresh Export 5 E mail Report Detail Report Name Folders affected not affected by DAC Central Access Policies Generated on 16 Jan 2013 12 09 44 PM Status SUCCESS SUb Folders Applied Policy dta Test Wdt2 Test folder For NTFSSA Extract BUILTINGAdintatoss O New Dis BUILTINGAdintatoss New folder BUILTIN Administrators Odols BUILTINSAdmiristrators Setupfles BUILTIN Administrators Test folder for WTFSSA BUILTIN Administrators ene Folder For NTFSS41Debugs oe Dept policy Adie Test folder For NTFSSAiDebugsitests testa BUILTINSAdministrators i 122 Chapter 3 NTFS Security Auditor Security Viewer How to view the permissions for shares and local drives How to enumerate shared folders files 123 Chapter 3 NTFS Security Auditor How to view the permissions for shares and local drives The Security Viewer feature allows you to view entire file system permissions You can use many options to view the permissions of shares With the option Local Drives you can view the permissions of the local system folders and files With the option Domain you can view permissions of the shared folder s file s in the ent
263. lder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level RD 10 WETLOGON True All YRD 10 WEW TEST FOLDER True Al WRD 10 NEW TEST FOLDER SHARE True All Indude files present inside folders Set sub folder levels Indude Group members You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report You can select Include Group members option to include all the members of a group and their sub group members at all group levels in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Traul Folder Levels Include upto 3 Hrd level of sub folder s in the shared folder gt Include only 1 St level of sub folder s in the shared folder Include folders after 1 Sl level of sub folder s in the shared folder Include only leat nodes in the shared folder 186 Chapter 3 NTFS Security Auditor Include upto N level s of sub folder s in the s
264. lder s in the shared folder Folder Levels Cral Folder Levels Include upto 3 rd level of sub folder s in the shared folder gt Include onbe 1 St level of sub falder s in the shared folder Include folders after 1 Sl level of sub folder s in the shared folder Include only leat nodes in the shared folder 204 Chapter 3 NTFS Security Auditor Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click Next to proceed to the next step Step 3 Select User Group Accounts This step is optional Use this step to select user and or group accounts for which you like to view the destructive access rights for folders files Security Vulnerabilities List of permissions for accounts having destructive access on folders Step 3of3 Select User Group Account s Optional This step is optional Us
265. lect Local Drives and follow the steps below e Select and traverse one or more directory to enumerate its subfolders and files e Select a directory or subfolder file path 399 Chapter 4 NTFS Security Manager Pale Modifier Share4Folder path Accounts Basic Permissions Permissions Allow Deny g Add Domains Refresh ADVENTURE michael Scan Profiles Computers ADVENTURE Angelo 2 c Si Share server ADVENTURE SMartin Scan Profiles Shares BUILTIN Administrators 3 4 Public Shares NT AUTHORITY lt SYSTEM Domains BUILTIN Users cle Local Drives NT AUTHORITY Authenticated Users TA Accounts Advanced Permissions J C Ozfc8fbd dc06d745d46364 Account ame ACETyp Inheritec F NTFSSM ADYENTUREmichael Allow No J PerfLogs ADVENTURE Angelo Allow No H Program Files ADVENTURESmichael Allow _ ProgramData ADVENTURE Martin Allow BUILTIN Administrators Allow BUILTIN Administrators Allow NT AUTHORITY SYS Allow NT AUTHORITY SS4 S Allow G Window g h i 1 Curent owner BUILTIN Administrators select Applponto option autoexec bat Allow Inherited penissions from the parent E Congas to propagate to this object Step 2 Select an Account Select an account from the Basic or Advanced permissions list After selecting an account permissions of that account would be shown in the last column as shown below 400 Chapter 4 NTFS Security Manager Grant perm
266. level Customize a ee ee l a he nb f on r rmissions as the parent folder 149 Chapter 3 NTFS Security Auditor Power Search Wizard Search for Exceptions DACL Step 1 of 4 Select Sharad Enldarfc Fill Enter the full pati paths from a texi y properties for sca iew and select Shares and Folders available from computers displayed below Share Folder UNC m Domain Controllers d RD10 C WRD10 aDMINs LJ Wrpt0 cs L WAD 10 NETLOGON WRDAOWEW TEST FOLDER WRD10 NEW TEST FOLDER SHARE YRD10 Ntfs test folder permissions _ WRD10 WTFSTESTFOLDER 3 L WRD10 sysvoL E YRD i0 Test folder permissions E YRD 10 TestShareFolder E VRD 10 WUsers Scan Profile ha Folder Path 3 V Do not display ca RESEARCHLAB C Include files pr 150 Chapter 3 NTFS Security Auditor Power Search Wizard Search for Exceptions DACL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default ih N properties for scanning each folder Share Folder UNC Path Scan Profle Shares eer a Profile Folder
267. lick Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level Add From VRD 10 NEW TEST FOLDER True All WRD 10 NEW TEST FOLDER SHARE True All VAD IO WNtfs test folder permissions True All VAD 10 Test folder permissions True All Do not display fles that hawe the same permissions as the parent folder Customize Edit Folder Options E Include files present inside folders Set Search Pattern You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the pa
268. lick Next to proceed to the next and final step Pu NE 335 Chapter 4 NTFS Security Manager Step 6 Summary Step 6 of 6 Summary Click Finish to save the task details Task Name Builtin Report Task C Wsers Public Docume T m P Management ras Ford researchlab local List of Shares Click here to view 1 This step displays the summary information of the task Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks and will be displayed in the Scheduled Tasks Manager Window as shown below 336 Chapter 4 NTFS Security Manager Task Hame Buitin Report Task om standard Report Run As PATHFINDER adminuser en STE Report Type Built in Report Exported Files Click here to wiew schedule At 1 25 Phi every day starting 4 22 2014 Report g Domai Export Export Folder Export PathiTask Name C Users Public Documents NTIFS Tom List of Shares Click here to view Security Management Suite Ford pathfinder loca 2014 Export Builtin Report task i C Users Public Documents NTFS Tom Click here to view HTML Security Management Suite einate bn 2014 Export Builtin Report task Aiai List of Shares with permissions d Edi Task j Delete Task 337 Chapter 4 NTFS Security Manager NTFS Security Manager Grant Permissions Revoke Permissions Modify Permissions Copy Permissions Dynamic Access Control Power Search Change History 338 Chapter 4 N
269. lick Show History button The Copy Permissions history will be displayed as shown below 511 Chapter 6 Scan Profiles Manager a yee al eel yey ENYE MCO Y Refresh sa Export E mail ey Exp From 1 13 2013 To 2 12 2013 Gy View Show History Generated on 2132013 11 06 55 AM Status Success Task Name Date and Time say 7 Share Path Permissions Access Type Apply To lt CopyPermissions 1 28 2015 5 39 25 DISCOVERY admini rd46 Test Folder DISCOVERY adminuser gt Appen DISCOVERY adminuser gt Allow DISCOVERY ac 1 29 2015 5 15 40 CREATOR OWNER rd46 Test Folder CREATOR OWNER gt FullControl CREATOR OWNER gt Allow NT Al CREATOR OWT Select required From and To dates Select Copy Permissions in the View option Then click Show History button The Replace Permissions history will be displayed as shown below I1 TPS EET Refresh Export E mail ey Ei From 1413 2013 a To 21x203 H View Copy Permissions Show History Generated on 2 13 2013 11 06 55 AM Status Success Task Name Date and Time nie Share Path Permissions Access Type Apply To lt CopyPermissio DISCOVERY admin rd46 Test Folder DISCOVERY adminuser gt Appen DISCOVERY adminuser gt Allow DISCOVERY ac 1 29 2013 5 15 40 CREATOR OWNER d46 Test Folder CREATOR OWNER gt FullControl CREATOR OWNER gt lt Allow NT Al CREATOR OW Select required From and To dates Select Modify Permissions in t
270. list of UNC folder paths from a text file Share Folder UNC Path oe Scan Profle Shares Select a Profile Folder Path Add From Import Cancel e Selecta profile from the Scan Profile Shares dropdown to use the shares added in a profile e The list of shared folder s file s present in the selected Scan Profile Shares will be loaded to the wizard as shown below 572 Chapter 6 Scan Profiles Manager Grant Permissions Wizard Step 1 of 6 Select shared folder s tile s Enter the Full path of a shared Folder ifile Click 4dd From to load the list of shares Import to import a list of UMC Folder paths From a text File Share Folder UNC Path Scan Profile Shares test profile Cii Folder Path Add From WAD49 Address o WO basic per oO WARDS Bulk Test Folder WEDS Bulk best Folder 1 peace WRO4SEFF supp Folder Remove Merck Cancel e In the subsequent steps select the necessary details for granting permissions for the shared folder s file s present in the Scan Profile Shares 573 Chapter 6 Scan Profiles Manager References Frequently Asked Questions Troubleshooting How to uninstall NTFS Security Management Suite 2014 574 Chapter 6 Scan Profiles Manager Frequently Asked Questions For frequently asked questions about the product please refer to the page Frequently Asked Questions in the website of the respective modules NTFS Security Au
271. ll be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time DAC Reports Step 1of3 Select Report Select a report from the available DAC Reports Description E E DAC Reports Select a report from the A Effective DAC permissions for specific users and groups on folders available DAC Reports fae Effective DAC permissions for Accounts having permissions on specific folders sete E List of Central Access Policies CAP and Central Access Rules on the Domain E Folders affected not affected by DAC Central Access Policies 107 Chapter 3 NTFS Security Auditor Step 1of2 Select Report Select a report from the available DAC Reports Description This report lists the effective DAC permissions for the Effective DAC permissions for Accounts having permissions on specific folders specified folders List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies S E DAC Reports Effective DAC permissions for specific users and groups on folders Click Next to proceed to the next step Step 2 Select shared folders Select shared folder s by using any of the input options displayed 108 Chapter 3 NTFS Security Auditor 1 i Pret M E Live Jak DE SSL ls TUT SEL be Step 2of2 Select Shared Folder s Enter the tull path of
272. ll existing permissions Selected permissions ee Full Control ool Modify Read and Execute List folder contents iM Read ow Write F Advanced Permissions Traverse Folder Evecute File W List Folder Read Data V Read Attributes Read Extended Attributes Create FilesWrite Data F Create Folders Anpend Data Access Control Type Fl Allow a Deny Revoke only if there is an exact match objects that have exactly these permissions M cet nacaneehay Click Next to proceed to the next step Follow the steps 5 through 6 as outlined in How to Revoke Permissions from selected Shares permissions list 363 Chapter 4 NTFS Security Manager How to revoke the exact matching permissions from the existing explicit accounts in the share permissions list The Revoke Permissions feature allows an option to revoke existing explicit accounts only if the selected permissions match exactly with the ACE entries in the shares permissions list 2 Revoke Permissions Click on button The Revoke Permissions window will be displayed e Follow the steps 1 through 2 as outlined in How to Revoke Permissions from selected Shares permissions list Step 3 Account selection Select the option All existing accounts that have been assigned explicit permissions pona ere Step 2 of 5 Select user group account s Select the user and or group accounts for
273. ls of subfolder s to read ACLs from 174 Chapter 3 NTFS Security Auditor Folder Levels Folder Levels Compare upto 1 level of sub folder s in the shared folder Compare onby 1 level of sub folder s in the shared folder Compare folders after 1 level of sub folder s in the shared folder Compare only leat nodes in the shared folder ence The Sub folder levels window allows the user to specify the option to enumerate sub folders for comparing their ACLs as stated below e Compare upto N level s of sub folder s in the shared folders This option will take specified shared folders of sub folders which are upto the traversal level and compare ACLs only those named sub folders that are common to the specified shared folders e Compare only Nth level of sub folder s in the shared folders This option will take specified shared folders of sub folders which are in the specified folder level only and compare ACLs only those named sub folders that are common to the specified shared folders e Compare folders after N level s of sub folder s in the shared folders This option will take sub folders which are after the nth folder level of specified shared folders and compare ACLs only those named sub folders that are common to the specified shared folders e Compare only leaf nodes in the shared folders This option will take last child leaf nodes of specified shared folders and compare ACLs only those named sub folders that
274. lude inherited permissions of the specified shared folders for comparison e Use Set sub folder levels to set the levels of subfolder s to read ACLs from Folder Levels Folder Levels Compare upto 1 St jevel of sub folder s in the shared folder E Compare only i St level of sub folder s in the shared folder Compare folders after 1 St level of sub folder s in the shared folder im Compare onby leat nodes in the shared folder The Sub folder levels window allows the user to specify the option to enumerate sub folders for comparing their ACLs as stated below e Compare upto N level s of sub folder s in the shared folders This option will take selected shared folder of sub folders which are upto the specified traversal level and compare ACLs only those named sub folders that are common to the selected shared folder and exported shared folder report 179 Chapter 3 NTFS Security Auditor Compare only Nth level of sub folder s in the shared folders This option will take selected shared folder of sub folders which are in the specified folder level only and compare ACLs only those named sub folders that are common to the selected shared folder and exported shared folder report Compare folders after N level s of sub folder s in the shared folders This option will take selected shared folder of sub folders which are after the nth folder level and compare ACLs only those name sub folders that are common to
275. ly selected permissions will be applied Example If the target share has 7 accounts then this option will remove all the 7 accounts and replace with the new selected accounts and permissions Replace all child objects existing permissions with the inheritable permissions from this object This option will remove explicitly defined permissions on all descendants of the selected shared folder s file s and replace them with inheritable permissions from the selected target shared folder s file s Example If the target share has some subfolders with the explicitly assigned permissions and some subfolders with blocked inheritance then this option will remove all explicitly assigned permissions of subfolders and allow inherited permissions from the parent object Allow inherited permissions from this object s Parent This option will allow the selected target shared folder s file s to inherit permissions from its parent object Example If the target share do not have any inherited permissions and the inheritance from the parent object blocked then this option will allow inherited permissions from the parent object 457 Chapter 4 NTFS Security Manager Copy inherited permissions This option will copy the permission entries that were previously inherited from the parent to this selected target shared folder s file s Example If the target share already allowed to inherit permissions from parent object then this option will rem
276. mary of all the input data would shown below along with the option View changelog to view the summary of all the input data and task completion status lt Revoke permissions Report gt Selected permissions Entries to Revoke permissions Shares folders Wwod4o adminuser folder Wro4 EFf supp folder Wrd49 Shared folder emplate Name Remove all Accounts Mew change log 371 Chapter 4 NTFS Security Manager How to revoke the exact matching permissions from the shares permissions The Revoke Permissions feature provides an option to revoke selected accounts and their permissions only if the selected permission entries match exactly with the ACE entries in the shares permissions list 2 Revoke Permissions Click on button The Revoke Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Revoke Permissions from selected shares permissions list Step 4 Select Access Control type and permissions Select ACE type and permissions and also check the option Revoke only if there is an exact match Revoke Permissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folderts File si 0 All existing permissions Selected permissions el Full Control Modify W Read and Execute List folder contents of lead F write Advanced Permissions MW Trav
277. mbers You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report You can select Include Group members option to include all the members of a group and their sub group members at all group levels in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder Folder Levels Cral Folder Levels Include upto 3 rd level of sub folder s in the shared folder gt Include onbe 1 St level of sub falder s in the shared folder Include folders after 1 Sl level of sub folder s in the shared folder Include only leat nodes in the shared folder 209 Chapter 3 NTFS Security Auditor Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permi
278. ment Please find the attached report generated by NTFS Securty Management Suite 305 Chapter 4 NTFS Security Manager Step 5 Schedule Settings a Power Export Built in Reports Step 5of6 Schedule Settings Enter a unique task name and specify its schedule settings Task Name Effective file perm Specify an account that has sufficent privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser 3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 306 Chapter 4 NTFS Security Manager Step 6 Summary Step 60f6 Summary Click Finish to save the task details List of effective C Wsers Public Docume permissions for users Click here to view Security Management and groups on files Suite 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 307 Chapter 4 NTFS Security Manager List of effective permissions for specific users and groups on folders This report lists effective permissions for specific users and groups assigned to set of folders et ne eee ermissions E Built in Reports a Select wf S
279. missions with inhentable permission from this object Ci Export child objects existing permissions E Inheritance Rule e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Copy Permissions from one share to another Share s 444 Chapter 4 NTFS Security Manager How to allow inherited permissions from the parent object to the target shares The Copy Permissions feature provides an option to Allow inheritable permissions from the parent object to the target shared folder s file s Capy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy permissions from one share to another share s e In step 4 select the option Inheritance Rule and then select the option Allow inherited permissions from this object s Parent Copy Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s fle s permission list Assignment Rule Copy the selected permissions to the existing penmissions list f the selected account already exists in the permissions list Add the new permissions to the account s existing permissions oe Replace the account s existing permissions with the new permissions oe E Also apply the above to subfolders and files that do not have inheritance set non4nherted folders and files 6 R
280. mplete click OK Click Next to proceed to the next step 374 Chapter 4 NTFS Security Manager Step 4 Select Access Control type and permissions Click All existing permissions option Revoke Permissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder si Filets All existing permissions O Selected permissions Access Control Type e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Revoke Permissions from selected Shares permissions list 375 Chapter 4 NTFS Security Manager How to revoke permissions from the selected shares permissions list The Revoke Permissions feature provides many options to remove accounts and their permissions from the existing list of ACE entries in shared folders and files You may revoke all existing explicit accounts and also you may selectively revoke a set of permissions granted to accounts 2 Revoke Permissions Click on button The Revoke Permissions window will be displayed as shown below Step 1 Select a Revoke permissions option Select any one of the following options e Revoke all existing accounts and their permissions from the selected shared folder s file s This option will remove all explicitly assigned accounts with all their permissions from the selected shared folder s file s permissions list Note
281. n Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default You can use Customize option to exclude some of the fields from the report as displayed below 78 Chapter 3 NTFS Security Auditor eS Custom View Fields E Full Path Folder Path Sub Folders E Owner User Sroup Name F Account Type Type Inherited amp Explicit Effective Permissions 4 You can use Include group members information option to include all the members of a group and their sub group members at all group levels in the report NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path Mem al miacimace mbes Include sub folders E Traverse only 1 level s of sub folder in the shared folder F F Apply this setting to all folders in list oO o Click OK to proceed Click Finish to gen
282. n Step 1of2 Select Report Select a report from the available DAC Reports Descrivti S E DAC Reports ie is This report lists the Central Effective DAC permissions for specific users and groups on folders A we Policies CAP and Effective DAC permissions for Accounts having permissions on specific folders Central Access Rules configured for a domain List of Central Access Polides CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies Click Next to proceed to the next step Step 2 Select Domain s Server s Select the Domain s Server s for which the report needs to be generated 114 Chapter 3 NTFS Security Auditor j Ia a a a a 7g elas rema m JOa mec pa er em eee y a E i apes es oe ee dk mo j D S See Ss e eee fee lee eee Se eee ee tot al Access Policn AFI and Central Access Rules on the Doma Step 2o0f 2 Select Domain s Se 5 Select one or more Domain s Server s to retrieve available DAC Central Access Policies CAP and Central Access rules on the Domain wa RD12 a Ei Servers Workstations Click Finish to proceed to the next step After the data collection process is complete the report would be generated in a report window as shown below 115 Chapter 3 NTFS Security Auditor iy Refresh 3 Export Gy E mail Report Details Report Name List of Central Access Policies CAP and Central Access Rules on t
283. n o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 259 Chapter 3 NTFS Security Auditor 4 You may also select Include group members for include members of a group and their sub group members at all levels in the report 5 You may also select Include group membership for include membership information of user and group in the report 6 You may also select Include SID for include SID value for user in the report 7 Click Next to proceed to the Next step Step 4 Delivery Options a Power Export Standard Reports Step 4 of 6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected report
284. n the specified shared folders Compare ACLs Click on button The Compare ACLs window will be displayed as shown below Step 1 Select an option to compare ACLs Select Compare ACLs of folders option Click Next to proceed to the Next step Compare ACLs Wizard Step 1 of 2 Select an option to compare ACLs Compare ACLs of folders f Compare ACLs of a folder with exported ACL data of another folder oe Step 2 Select shared folder s Select a Baseline reference folder and a Folder to compare using the respective browse buttons 173 Chapter 3 NTFS Security Auditor Compare ACLs Wizard Step 2 of 2 Select shared folder s Select a baseline reference folder and a folder to compare using browse button Click Set subfolder levels to set the levels of subfolder s to read ACLs from Baseline reference Folder Folder to compare Compare AC Select Shares Scan Profiles Computers cx Sample Scans EEE Scan Profiles Shares Gal test 2 ee t m MPRTEST E m PHOENIX im Domain Controllers 1a ES WRD10 WETLOGON rata R D10 NEW TEST FOLDER iowa WWRDLOWEW TEST FOLDER SHARE e Include sub folders Enabling this option will process the sub folders of the specified shared folders for comparison e Exclude inherited permissions Enabling this option will exclude inherited permissions of the specified shared folders for comparison e Use Set sub folder levels option to set the leve
285. nager j Aa wei amp l ACCOUNTS SEIeECTION Select User Group Accounts Select the user and or group accounts for which you would like to Grant the pennissions on Shares folders Enter account name eS Addto list e Li Click OK in Select Shares E acai Cs x Enter the full path of a Share or Shared Folder Click Add From to load the lst of shares Import to import a list of UNC folder paths from a text file Profile Name Sample Profile Share Folder UNC Path Folder Path VWRD30 10000 files each 1 MB 10GB VWRDS0 NETLOGON VWRD3O0 Wew folder VRDSO WWTFSTestfolder VWRDSO share folder for NTFSSA RD3O SYSVOL 5 Click OK to save the Shares profile for future use 564 Chapter 6 Scan Profiles Manager How to manage Scan Profiles Shares Sm Computers ih Users and Groups Click to launch the Scan Profiles Manager Shares The Scan Profiles Manager Shares shows the list of available profiles Te Scan Profile Manager Shares z fou can setup Scan Protiles Shares to scan a subset of shares in servers and save these profiles for repeated use This window lists available profiles Click New to create a new profile Click Edit to modify selected profile Click Delete to delete a profile Click Preview to view the contents of a profile Frequent Scans Sample Profile Delete Preview The Scan Profiles Manager allows
286. nd Execute Read and Execute Read and Execute Status Success User Group Name PHOENTx adm PHOENIX sa PHOENTX adm PHOEN ACCESS Control Type Inherited Owner 5d PHOENIX Sai PHOENDs PHOENIX sa PHOEND adm PHOENDIS a PHOENIKIsa oa PHOEN TN sa PHOEN PHOEN Dadi PHOEN TX Sa SID 1 5 71 23663 72 1 5 71 2366372 1 5 271 23663 72 1 5 271 2366372 1 5 21 2366372 5 1 5 271 23 60372 1 5 271 235603 72 1 5 21 2360372 1 5 21 23603 72 5 1 5 71 23 60372 1 5 21 2360372 1 5 271 235603 72 F 148 Chapter 3 NTFS Security Auditor How to view Power Search Exceptions DACL Reports re Sey Pa G Pi Li all a ee es Permissions SACL Saved Search Click on button under Power Search The Power Search window will be displayed as shown below Step 1 Select Shared Folder s Files Select one or more servers to enumerate its Shared Folder s Files Power Search Wizard Search for Exceptions DACL Step 1 of 4 Select Shared Folder s Files Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder i D paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder
287. ndows Task Scheduler 230 Chapter 3 NTFS Security Auditor Task Status While running Power Export task configured with permissions reports you may need to know the status of the tasks like last folder being processed task start time task complete status For viewing this details you can use the Task Status option This option is especially useful when the schedule task is created in one user context other than currently logged user context For knowing the status of the running permission report task perform the following steps 1 Select a permission report task from the Scheduled Tasks Manager Window 2 The permission report task will be displayed as shown below FRESEARCHLAB adminusers Report Type Server Report Schedule At 6 53 4M on 2462012 Export Export Folder Report Name Servers Domains AS Export PathiTask Name C Users Public Documents NTFS security Management Suite Micheal re 2014 Export Standard Reports Task Shares and Resources Shares 3 To view the selected folder s file s path being processed task running click on the hyperlink over the Task Status column in the right pane The Task Status window will be displayed showing the folder s file s path being processed as shown below 231 Chapter 3 NTFS Security Auditor D Scheduled Tasks al Ea Scheduled Tasks Task Hame TestTask Standard Report Run ms RET 2 admin Report Type Built in Report Schedule At 6 53 AM
288. ndude sub fold Folder level VRAD 10 TestShareFolder True All Do not display folders that have the same permissions as the parent folder Edit Folder Options 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 293 Chapter 3 NTFS Security Auditor 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Options button That will show up a window as shown below Folder Options Folder Path ME Indude sub folders Traverse only 1 jevel s of sub folder in the shared folder Mast Apply this setting to all folders in list x Cancel 5 Modify the folder options as required and click OK 6 If you want to exclude specific accounts select Exclude Accounts option Click Accounts button That will show up a window as shown below Exclude A
289. ng rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 269 Chapter 3 NTFS Security Auditor 4 You may also select Include group members for include members of a group and their sub group members at all group levels in the report 5 You may also select Include group membership for include membership information of user and group in the report 6 You may also select Include SID for include SID value for user in the report 7 Click Next to proceed to the Next step Step 4 Delivery Options a Power Export Standard Reports Step 4of6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stam folder in the format ywyyy mme dd hh mm ss under the task name folder Expert Type Export Export Path Users Public Documents NTFS Security Manageme E mail To Address Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail setting
290. nherited penissions from the parent C Apply these permissions to objects and or to propagate to this object containers within this container only Select Domains and follow the steps below e Select one or more servers to enumerate its shared folder file path e Select a shared folder file path 416 Chapter 4 NTFS Security Manager Accounts Basic Pennissions Permissions Allow Deny Q Add Domains Refresh ADVENTURE alec a ae ADVENTURE Martin Scan Profiles Shares ADVENTURE alex ADVENTURE Robin Lay ADVENTURE ADVENTURE Richard d Domain Controllers BUILTIN Administrators A RD49 NT AUTHORITY SYSTEM d fae MRDA fae WRD4922 bea WRO4S Address AccountName ACEType Inherited eve WRO49 admin folder ADVENTURE alec Deny No F EE WRD4S ADMINS ADVENTURE alec Allow No ae WRD49 basic per ADVENTURE Martin Allow No fae WRD49 Bulk Test folder ADVENTURE alex Allow No E8 WRD49 Bulk test folder ADVENTURE Rabin Allow No fae WRD49 BulkTestwithOutSam ADVENTURE Richard Allow No fae WAD4S CS BUILTIN Administrators Allow Yes fal WRD49 DS NT AUTHORITYSSYST Allow Yes fat WRD4SNES fai WRD49 Eff supp folder DORON a a 5 Allow Inherited pennissions from the parent ai Apply these permissions to objects and or B WAD4S ExchangeQAB to propagate to this abject containers within this container only Curent owner BUILTIN Administrators Apply onto Select Applyonto option Select Local Drive
291. nistrators Read NT AUTHORITY SYSTEM White CREATOR OWNER Special pemissions i P Eg rdiATest BUILTIN Users ISS sss WRD12 Test folder for NTFSSA ES Wd 2 Testfolder Oeste TY Se Fe H Eg WRD12 testfolder3 Ahne H I Server Shares DISCOVERY adminuser Allow WIN 12 adminuser Allow WIN 12 test2 Allow BUILTIN Administrators Allow NT AUTHORITYASYSTEM Allow CREATOR OWNER Allow BUILTIN Users Allow BUILTIN Users Allow BUILTIN Users Allow Curent owner BUILTIN Administrators Allow Inherited pennissions from the parent to propagate to this object 129 Chapter 3 NTFS Security Auditor Step 2 Select an Account Select an account from the Basic or Advanced permissions list After selecting an account permissions of that account would be shown in the last column as shown below Accounts Basic Permissions Permissions BUILTIN Administrators Full Control DISCOVERY Domain Admins Modify DISCOVERY Enterprise Admins Read and Execute List folder cont DISCOVERYIUSR_RD46 DISCOVERY Mail User1 DISCOVERY adminuser DISCOVER abraham DISCOVERY test Oa ANAR Accounts Advanced Permissions AccourtName ACEType_Inherted RD46 sampletask BUILTIN Administrators ja WRD46 Share foide DISCOVERY Domain EE WAD46 sony DISCOVERY Enterpris E8 WAD46 test group DISCOVERYMIUSR_R EE WRD46 new DISCOVERY MailUser1 Allow DISCOVER adminuser DISCOVERY abraham Allow DISCOVERY test BUILTIN Admin
292. nother account in the shared folder file permissions list How to remove the selected account from shared folder file permissions list How to allow inheritance from the parent to current folder file permissions How to block inheritance from the parent to the current folder file permissions How to modify the basic permissions for an account How to modify the advanced permissions for an account 395 Chapter 4 NTFS Security Manager How to view the share permissions The Modify Permissions feature allows you to view and modify the entire file system permissions You can use many options to modify the permissions of shares With the option Add you can add an account with a permission Read and Execute With the option Remove you can remove an account and its explicit permissions from the share s permissions list You can also edit the existing permissions and Allow and Block inheritance from the parent object Modify Permissions Click on button The Modify Permissions window will be displayed as shown below Step 1 Select folder file path Select folder file path by using the option below 396 Chapter 4 NTFS Security Manager Gratt permissions Permissions Allow Add Dormzins hs Refres Scan Profiles Computers d Share Serwer Scan Profiles Shares cn Shareslist a g Local Drives Account Hame ACEType Inherited Curent owner Apply onto Seect Spplronte opion Allow Inherited permissi
293. nt on 7 E feat WRD4OWFS to propagate to this object Curent owner BUILTIN Administrators 435 Chapter 4 NTFS Security Manager How to modify an account Advanced permissions The Modify Permissions allows you to modify an account advanced permissions Modify Permissions Click on button The Modify Permissions window will be displayed as shown below Step 1 Select folder file path e Follow the list of options to enumerate the shared folders files as outlined in How to enumerate shared folders files Step 2 Select an Account Select the Advanced permissions account for which you want to modify the permissions Permissions Modifier Grant permissions Accounts Basic Permissions Permissions Q Add Domains Refresh ADVENTURE alec Full Control gom No Share Profile found Configure ADVENTURE Martin Modify Domains ADVENTURE alex Read and Execute List folder i ADVENTURE ADVENTURE Robin Read Domain Controllers ADVENTURE Richard Write as Anas BUILTIN Administrators Special permissions fal WRDASI2 NT AUTHORITY SYSTEM Traverse Folder Execute File E waps922 d eplace List Folder Read Data fed WRD49 Address Accounts Advanced Permissions Read Attributes ES WRD49 admin folder AccountName ACEType Inherted Read Edended Attributes ag WRD4S ADMINS ADVENTURE alec Allow No Create Files Write Data ES WRD49 basic per ADVENTURE Martin Allow No
294. ntered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 249 Chapter 3 NTFS Security Auditor 3 You may also select Highlight Items for highlighting rows containing certain Permissions and Account status in the report data Select the desired Permissions and status of Accounts that need to be highlighted 4 You may also select Include group members for include members of group and their sub group members at all group levels in the report 5 You may also select Include group membership for include membership information of user and group in the report 6 You may also select Include SID for include SID value for user in the report 7 Click Next to proceed to the Next step 250 Chapter 3 NTFS Security Auditor Step 5 Delivery Options e Power Export Standard Reports Step 4of6 Delivery Options Select the report delwery options You can Export and E mail the reports using the options below In case of export option for each task a sub folder
295. nts having destructive access on folders Step 1of3 Select Report Select a report from the list of Security Vulnerabilities Reports S Security Vulnerabilities ao i ME ae EER This report allows you to List of all explicit permissions for folders dienrusers aid groups E List of folders with broken inheritance and their permissions having destructive access List of permissions for orphaned accounts on folders permissions Full Control E List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders Delete etc on folders List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders B List of folders that have permissions for Everyone group Click Next to proceed to the next step Step 2 Select shared folders Select one or more servers to retrieve available shares 202 Chapter 3 NTFS Security Auditor Security Vulner Step 20f3 5 Enter the tull d Indude Gror a Domain Controllers The application displays all computers that are currently active in your network using the browser service lf some computers are missing your braver service may not be functioning properly Siternatively you may use the Active Directory services for computer enume
296. nts on all subfolders and files that do not have inherited permissions from its parent object Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e Instep 4 select the option Add the new permissions to the account s existing permissions or Replace the account s existing permissions with the new permissions e Then select the option Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected permissions to the existing permissions list ff the selected account already exists in the pennissions list Add the new pennissions to the account s existing pemissions oe Replace the account s existing permissions with the new permissions oe Also apply the above to subfolders and files that do not have inhertance set non nhented folders and files oe Remove all existing accounts and replace with the selected accounts and permissions eo Export child objects existing permissions Back Next Cancel e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares
297. nts on folders List of permissions for disabled user accounts on folders List of permissions for having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect access to folders due to nested group membership List of Effective access for specific users and groups on folders List of folders that have permissions for Everyone group 183 Chapter 3 NTFS Security Auditor List of all explicit permissions for folders This report allows you to view explicit permissions assigned to folders N Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of all explicit permissions for folders Step 1of3 Select Report Select a report from the list of Security Vulnerabilities Reports Description Security Vulnerabilities JE This report lists explicit B List of all explicit permissions for folders permissions assigned to List of folders with broken inheritance and their permissions folders B List of permissions for orphaned accounts on folders List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited List of user accounts that have indirect acces
298. numerate its shared folder s file s 367 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 3 Select is Enter the full path Select Shares EE Folder paths Tom a text fle view and select Shares and Folders available From computers displayed below Shared folder file UNC el T ADVENTURE S E Domain Controllers O DRD Folder Path C Roas C WRD e MRDA Address L MRE494ADMIN WARDS adminuser Folder i WROD basic per e VRD49 Bulk Test Folder LJ WRD49 Bulk test Folders E WED BulkTestWithOutSaneasparent L wepssics Scan Profile 5 T i E Apply to all the s Pt Include files pre es l x e Use Select a Scan Profile Shares option to use the Shares added in the profile 368 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 3 Select shared folder s file s Enter the full path of a shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Shared folder jfile UNC Path Scan Profile Shares best folder Folder Path Add From WEDS adminuser Folder Wedl49 EFF supp Folder o Wrd49 Shared Folder E Apply to all the sub folders E Include files present inside folders You may also type the UNC path of a folder that is not in the list and then click Add to add it to the list In addition you may also import a list of UNC paths to
299. o proceed Only one report can be selected in this category B List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files List of permissions for files E List of all permissions for folders Inherited amp Explicit E List of effective permissions for users and groups on folders List of effective permissions for users and groups on files List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 292 Chapter 3 NTFS Security Auditor 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step Step 2 Shared Folder Selection A Power Export Built in Reports Step 2 of 6 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list X of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of effective permissions for users and groups on folders UNC Path Scan Profile Shares Select a Profile m ao Folder Path I
300. o scan a subset of shares in servers and save these profiles for repeated use This window lists available profiles Click New to create a new profile Click Edit to modify selected profile Click Delete to delete a profile Click Preview to view the contents of a profile Frequent Scans Hew Sample Profile Edit Delete Preview 2 Click New button in the Scan Profiles Manager Shares dialog This action will launch the Scan Profiles Shares dialog as shown below 560 Chapter 6 Scan Profiles Manager Scan Protiles 5 Nares x Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import alist of UNCfolder paths from a text file Share Folder UNC Path Folder Path 1 Enter a name for the profile 2 You may type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list as shown below MLO FP Il oe Lolo er the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Profile Name Sample Profile Share Folder UNC Path rd30 NTFSTestfolder Folder Path 561 Chapter 6 Scan Profiles Manager 3 You may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button 4 Click Add From to add list of shared folders from compu
301. of effective permissions for specific users and groups on folders z List of effective permissions for specific users and groups on files Click Next to proceed to the next step 81 Chapter 3 NTFS Security Auditor Step 2 Select User Group Accounts Select user and or group accounts for which you would like to view the permissions for folders files Built in Reports List of effective permissions for specific users and groups on files Step 20f3 Select User Group Account s Select user and or group accounts for which you would like to view the permissions on files folders Account name ca Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Distributed COM Users Local Group BUILTIN Guests Local Group BUILTIN WIS IUSRS Local Group BUILTIN Performance Log Users Local Group BUILTIN Wsers Local Group PHOENIX Administrator User e Enter the name of User Group in domain account name format and click Add to List to add the name to selected accounts list e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups e Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers
302. of folders that have permissions for Everyone group _ Generated On 11 4 2014 7 11 18 PM Status Success Folder Path Sub Folders aoe Owner User Name Security Apply To RD10 NTFSTESTFOLDER NTFSTESTFOLDER Folder PHOENIX adminus Everyone Read and Execute This folder subfolders and files RD10 Test folder permissions Test folderpermiss Folder PHOENIX adminus Everyone Well Known Sid Allow Read Attributes This folder subfolders and files Read Extended Atti Create Files Write 226 Chapter 3 NTFS Security Auditor Power Export About Power Export Task Manager Schedule Standard Reports Schedule Built in Reports 227 Chapter 3 NTFS Security Auditor About Power Export NTFS Security Auditor provides a powerful offline report generation tool called Power Export Power Export allows the user to select multiple reports to be run for several domains and servers across the enterprise at scheduled intervals The Power Export tool has the ability to export and or email the reports in different file formats Please note the following while using the Power Export Wizard a Scheduled reports will be created as a task in Windows Task Scheduler The scheduled job will generate and export email the reports in different file formats HTML CSV XLSX and SQL to the desired folder path printer c By default for each task a sub folder with the task name will be created under the specif
303. of sub folder s in the shared folder Include folders after 1 level of sub folder s in the shared folder Include only leaf nodes in the shared folder Apply to subfolders Set Search Pattem Set Subfolder Levels E Include files present inside folders Include upto N level s of sub folder s in the shared folder This option will copy an account permissions on sub folders which are upto the specified folder traversal level Include only Nth level of sub folder s in the shared folder This option will copy an account permissions on sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will copy an account permissions on sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will copy an account permissions on the last child leaf nodes without affecting the parent folder s permissions Click Next to proceed to the Next step Step 2 Select user group account s The User Group Account s will be added to the wizard as shown below 468 Chapter 4 NTFS Security Manager Copy Account Permissions Wizard Step 2 of 3 Select user group account s Enter a user group account to copy permissions From and select the list of account s to copy permissions To Note The source account to copy permissions From must be available in the ACLs of the selected sha
304. oing the following 1 Select any one of the reports from the NTFS Security Management Suite 2014 main application window For example Standard Reports gt Domains Shares option 2 The action will launch the Domains Shares report window 3 Inthe reports windows at the bottom of the treeview click Add Domains button This action will launch the Domain Credentials windows as shown below 14 Chapter 2 Configuration Settings e Domains shares Enterprise DOMAINS 0 Refresh Export Y Filter A Customize a E mail ADVENTURE DISCOVERY PATHFINDER ee ue db Add Domains 4 Domains Shares Enterprise DOMAINS i Refresh i Export Filter He Customize 5 E mail COo ete 44 Domain Credentials Manage altemate credentials for Domain Directory Servers The application by detault uses the curently logged on user context to enumerate computers and shares and to collect NTFS permissions data F you want to specify fm DISCOVERY altemate Domain Administrator credentials you may do so by clicking on the Add button below Click Add domains PATHFINDER _ from forest option to enumerate domains from a different forest and then supply necessary credentials for the selected domain E a Enterprise DOM Lil ADVENTURE fal CONQUEROR FR BP BR lt amp AY Add domains from forest dh Add Domains a q 15 Chapter 2 Configuration Settings Th
305. older in the list below and Click Edit Folder Options to modity the default properties for scanning each folder Report List of permissions for folders UNC Path Scan Profile Shares Frequent Scans CE Folder Path Include sub Fold Folder level 4dd From WO Address True All ee WRO4S NTFS Bulk Sharez True All mmp WROFSINTES BulkTest Share True All Remove WEDS ATES Security Manager True All WRO4F9 Test share Folder True All F R Do not display Folders that hawe the same permissions as the parent oe aaa E Include group membership information Include SID lt Back Wesck gt Close e Inthe succeeding steps select needed details for generating reports for selected shares 571 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Shares in NTFS Security Manager Module You can apply Scan Profile Shares to Grant Permissions Revoke Permissions Copy Permissions and also Modify Permissions that involves changes to permissions for the accounts on shared folder s file s The following steps describe on how to apply Scan Profiles Shares in the Grant Permissions wizard 2p Grant Permissions Click on button in the toolbar The Grant Permissions window will be displayed as shown below Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a
306. older3 for NTFE DISCOVERY test Allow H B WRD46itest folders for NTFE DISCOVERY test4 Allow Pg WROD46 vtest folder for NTFE BUILTIN Administrators Allow E WRD4E ADMINS a ae fae WRD46 newtest alae le to oe permissions to objects and or Allow Inherited permissions from the parent Sue et ii estshari containers within this container only i Eg WRD45 Testshare fa peice Eas EF containers wi hin this container only SEY WRnaRins ii Select Apphyonto option Select Scan Profiles Shares and follow the steps below e Select shares profile and enumerate its shared folder s file s list e Select a shared folder file path 415 Chapter 4 NTFS Security Manager Grant permissions Accounts Basic Permissions Permissions Q Add Domains Q Refresh ADVENTURE alec Scan Profiles Computers ADVENTURE Martin al Share Server ADVENTURE alex Scan Profiles Shares ADVENTURE Rabin c Public Shares ADVENTURE Richard ES WAD48 Testshare BUILTIN Administrators J E NT AUTHORITY SYSTEM BB WRD49 Permission foder Ladd C E8 WRD49 Share E8 WRD49 Shared folder deed Mee i Domains ADVENTURE alec a Local Drives ADVENTURE alec Allow ADVENTURE Martin Allow ADVENTURE alex Allow ADVENTURERobin Allow ADVENTURE Richard Allow BUILTIN Administrators Allow NT AUTHORIT SYS Allow 2S 1 0 Curent owner BUILTIN Administrators Apply onto Select Applyonte option Allow I
307. olders that end with Scan Profile 9 oF Add Starts with JS Remove Ends with test Reset ah are Falder Path RD 10 NEW TE ROIDHEWT Remove Do not display files that have the same permissions as the parent folder Include files present inside folders Click Next to proceed to the next step 163 Chapter 3 NTFS Security Auditor Step 2 Select Audit Type and Permissions Select Audit Type and permissions to search in the Audit Control List of the selected share s folder s files s Power Search Wizard Permissions SACL Step 2 of 4 Select Audit Type and Permissions Select Audit type and permissions to search in the Audit Control List of the selected shares f Folders Filets Audit Type Success W Failure Both Success and Failure Show both inherited and explicitly assigned CO Show inherited only C Show explicit only Permissions Full Control Traverse Folder 7 Execute File l List Folder Read Data Read Attributes Read Extended Attributes Create Files Write Data Create Folders Append Data eel Write Attributes E Wiite Extended Attributes Show exact match folders files that have exactly these permissions Back Merck Cancel 164 Chapter 3 NTFS Security Auditor Step 3 User and or Group Selection 1 Select the user or group for which you wish to run the search 2 The selected users will be added to the wizard as sho
308. olders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share 381 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 5 Select shared folder s file s Starts with Remove Ends with test iii share Apply to sub folders Include files present inside folders e Use Set Folder Levels option to revoke permissions in the selected levels of sub folder s in the shared folder 382 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 5 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text fle and CSY file Click Set Search Pattern to set the search criteria for sub folder s Set Subfolder Levels to set the levels for sub folder s Shared folder file UNC Path Scan Profile Shares Select a Profile oO Folder Path Folder Levels Add From VWRDIO WEW TEST FOLDER Folder Levels RD10 NEW TEST FOLDER SHAR Import Apply upto 1 level of sub folder s in the shared folder i Apply only 2 aJi nd Jeyel of sub folder s in the shared folder Apply folders after 1 level of sub folder s in the shared folder H Appl ony leaf nodes in the shared folder Apply to sub folders Set Search Pattern Set Folder Levels include file
309. omain server Browse and Select Selected Accounts Account Name BUILTIN Administrators BUILTIN Users PHOENIX Administrator PHOENIX Wadminuser 1 PHOENIX Vadminuser2 PHOENIX adminuser3 PHOENIX adminuser4 Enter User Group name in domain account name format and click Add to List to add the user group to the selected accounts list Use Select a Scan Profile Users Groups option to use the users and groups added in a profile For more information on Scan Profiles click About Scan Profiles Users Groups Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 218 Chapter 3 NTFS Security Auditor act Accounts Users Groups available from computers displayed below da Add Domains Scan Profiles Computers c ia Sample Scans i i Domain Controllers PHOENIX Administrator PHOENIX Guest Use the Find option to search desired user group accounts Click Next to proceed Step 3 Select shared folders Select one or more servers to retrieve available shares 219 Chapter 3 NTFS Security Auditor SECURITY VUES SITIES FE TTTECTIVE ACCESS TOT SPECITIC USEF And groups on TOMders Step 3of3 Sv Scan Profiles Computers ea ay sam Domain Controllers api RD 10 ADMINS RD10 c The application displays all computers that are currently active in your network using the browser service If some computers are missing your
310. omize option to exclude some of the fields from the report as displayed below Ta Custom View Fields E Full Path Folder Path Sub Folders E Owner User Group Name E Account Type Type Inherited amp Explicit Effective Permissions F You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options 72 Chapter 3 NTFS Security Auditor Folder Path Include sub folders Traverse only 1 4 level s of sub folder in the shared folder Apply this setting to all folders in list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below Q Refresh Export Filter 5a E mail Report Details Report Name List of effective permissions for users and groups on files Generated on 07 Jun 2014 11 06 41 AM Status Success Type Folder File Folder File Folder File Owner User Group Account Maki Member Type Inherited amp Eiociive Perisai Path Name T Name T Members a sh Explicit RD10 NETLOGON NETLOGON Folder BUILTIN Administr BUILTIN Administr Alias PHOENDX Administ User Explicitly assigned Traverse
311. on 2416 2072 Task started ak 2 16 2012 11 50 26 4M Last processed WADADUsers kenyornwMy Documents a Edit Task Delete Task Exported Files Click here to view Click here bo mat sin Close 232 Chapter 3 NTFS Security Auditor Schedule Shares Folders and Files Reports Built in Reports Select option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection E4 Power Export Shares Folders and Files Step 1of5 Report Selection Select the desired reportis using the checkboxes given below ei server Reports W Shares and Resources 1 Select the report s using the checkboxes to the left of the reports You may select any number of reports to run in a single task 2 Reports falling under Server Reports scan each server and collect data specific to each server They are further classified by the category they report on viz Users Policies Events etc 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step 233 Chapter 3 NTFS Security Auditor Step 2 Server Selection for Server Reports Step 2 of 5 Server Selection For each of the following reports select the list of servers for which you would like to generate the report Double click on a report or click Add Servers The report for each of the selected servers will be exported as a separate file 1 Click
312. on to include all files from the specified folders in the report Use Set sub folder levels option to view permissions in the selected levels of sub folder s in the shared folder i Folder Levels Folder Levels Include upto 3 aird level of sub folder s in the shared folder Include onb 1 level of sub folder s in the shared folder gt Include folders after 1 St jevel of sub folder s in the shared folder gt Include only leaf modes in the shared folder Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level 225 Chapter 3 NTFS Security Auditor Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below i Qj Refresh 3 Export p E mail Report Details Report Name List
313. one or more directory to enumerate its subfolders and files e Selecta directory or subfolder file path Security Viewer Share Folder path Accounts Basic Permissions Permissions Local Drives BUILTIN Admuiristrators Modify T AA WIM 2 administrator Read and Execute List folder cont _ oy WIN 2 testuserl Read ge Ds WINT 2 testd Write Se E1 NT AUTHORITY SSy STEM Special permissions H Ef dmn Folder CREATOR OWNER J Contidential Share BUILTIN Users O Annn A a Debug Accounts Advanced Permissions H 9 DocKIT Account Name ACEType Inherited Permissions folder Everyone Allow E Prathap BUILTINNAdministrators Allow J C Test WINT2 administrator Allow _ Test folder for NTF SSA WIN12 testusert Allow H E Testfolder WIN12 testd Allow H E testfoldert BUILTIN Administrators Allow testfolder2 NT AUTHORITYSS S Allow testfolders CREATOR OWNER Allow Domains BUILTIN Users Allow Gil DISCOVERY Ul RESEARCHLAB ob Allow Inherited pennissions from the parent i_ ee to propagate to this object Current owner BUILTIN Administrators 133 Chapter 3 NTFS Security Auditor Select Domains and follow the steps below e Select one or more servers to enumerate its shared folder file path e Select a shared folder file path Permissions BUILTIN Administrators DISCOVERY Domain Admins DISCOVERY Enterprise Admins d i D
314. ons Cleaning up the information based on your selection Uninstall NTFS Security Management Suite 2014 application Remove all application files and uninstall NTFS Security Management Suite 2014 application from the machine C Uninstall NTFS Security Management Suite 2014 application and cleanup application settings Remove all application files and uninstall NTFS Security Management Suite 2014 application from the machine Also deanup all scheduled tasks log file exported files and other reports settings Click Next to proceed 578 Chapter 6 Scan Profiles Manager 3 Confirm the cleanup and or uninstall process NTFS Security Management Suite 2014 Uninstall Wizard Step 2 of 2 Cleanup Process Cleaning up the information based on your selection Click Finish button to proceed with the deanup process or dick Cancel button to terminate the uninstall wizard lt Back t Finish cancel Click Finish to run cleanup and or uninstall process Click Cancel to close the wizard 4 Once the file cleanup process is complete the uninstall wizard will automatically run Windows Installer program to remove NTFS Security Management Suite 2014 application from the machine 579
315. ons from the parent 7 Apply these permissions to objects and or UI to propagate to this object containers within this container only Aopy Select Scan Profiles Computers and follow the steps below e Select one or more servers to enumerate its shared folder file e Select a shared folder file path 397 Chapter 4 NTFS Security Manager Eaz Accounts Basic Permissions Permissions Allow Deny Hck Ehsaan Refresh DISCOVERY abraham Scan Profiles Computers BUILTIN Administrators E cy ae DISCOVERY Domain Admins c DISCOVERY DISCOVERY adminuser c RD46 DISCOVERY test i BE WRD45inokia DISCOVERY test4 i EE WRD46 ARKAD Screen Sho J NT AUTHORITY SYSTEM Ea WRD4B CS EE WRD46 Share AccountName ACETyp Inherted Bg WAD4S ExchangellM DISCOVERY abraham Deny Na Ba WRDAB Effective BUILTIN Administrators Allow No PE WRD46 8 MW share folder DISCOVERY Domain A Allow No EE WRD45 Resources DISCOVERY adminuser Allow No E8 WRD46 ExchangeOAB DISCOVERY abraham Allow No EE WRD46 test folder3 for NTFS DISCOVERY test Allow Wo i fae WRD46 test folder4 for NTFS DISCOVERY test4 Allaw No E8 WRD46 test folder for NTFE BUILTIN Administrators Allow Yes i pE WRD4MAD h INS BIT Arama eo au Pa Bg WAD46 newtest Curent owner BUILTIN Administrators DENTIA Allow Inherited permissions from the parent a Dagi eqs fari F ulm IL i z enero to propagate to this abject naked URDA a Apply
316. ons from the shares permissions list The Revoke Permissions feature allows an option to revoke all existing explicit accounts in the shares permissions list 27 Revoke Permissions Click on button The Revoke Permissions window will be displayed as shown below Step 1 Select a Revoke permissions option Select the option Revoke all existing accounts and their permissions from the selected shared folder s file s Revoke Fermissions Wizard Select any one of the options to revoke permission entries From the shared Folderisiifileis h Revoke all existing accounts and their permissions from the selected shared folder s tile s Ci Revoke a selected set of accounts and their permissions from the selected shared folder s fle s oe Merck Cancel Click Next to proceed to the Next step 366 Chapter 4 NTFS Security Manager Step 2 Select shared folder s file s Select shared folder s file s by using any of the input options displayed l erpsjrrim Ar Dp sr a Z rC EINS LN S Weld L Step 1 of 3 Select shared folder s file s Enter the full path of a shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Shared folder fle UNC Path Scan Profile Shares Select a Protile Folder Path Apply to all the sub folders Include files present inside folders e Click the option Add From e Select one or more servers to e
317. ontrollers ADVENTURE Richard M apas BUILTIN Administrators BEE waa NT AUTHORITY SYSTEM Be wow fed WRD49 Address Accounts Advanced Permissions faa WRD49 admin folder AccountName ACEType Inherited ES WRD4S ADMINS ADVENTURE alec Al a WRAD49 basic per ADVENTURE Martin Al E8 WRD49 Bulk Test folder ADVENTURE alex Al eee WRD49 Bulk test folderi ADVENTURE Robin Allow Es WRD49 BulkTestWithOu ADVENTURE Richard Allow Al Al Al ow co ow ES WRD4VCS BUILTIN Administrators E8 WRD49 DS NT ALUTHORITY SYST fat WRD4SNES ADVENTURE adminuser fae WRD49 ETT supp folder een Sarge og oe ies Pea e Curent owner BUILTIN Administrators Apply onto selectApplyonto option v ad WAD49 ExchangeOAB Allow Inherited pennissions from the parent C i F E WRD4S FS to propagate to this object repans low Yes ow Yes ow Yes Apply these permissions to objects andor containers within this container only 427 Chapter 4 NTFS Security Manager How to allow inheritance from the parent to current folder file permissions You may use the Permissions Modifier to allow inherited permissions from the parent to the current folder file permissions Modify Permissions Click on button The Modify Permissions window will be displayed as shown below Step 1 Select folder file path e Follow the list of options to enumerate the shared folders files as outlined in How to enumerate shared folders f
318. or orphaned accounts on folders Step 1of2 Select Report Select a report from the list of Security Vulnerabilities Reports Descrint Security Vulnerabilities cription This report lists the B List of all explicit permissions for folders permissions for orphaned E List of folders with broken inheritance and their permissions accounts on folders List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited E List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders List of folders that have permissions for Everyone group Step 2 Select shared folders Select one or more servers to retrieve available shares 194 Chapter 3 NTFS Security Auditor Security Vulne Step 2of2 Sets folder paths fron default proper tig Share Folder UN 3 Scan Profiles Computers Scan Profile S 3 cx a sam S E Domain Controllers rom A Ro10 aoming WADWO C The application displays all computers that are currently active in your network using the browser service lf some computers are missing your braver service may not be functioning properly Siternatively you may use the Active Directory services for computer enumeration 195 Chapt
319. ore the domain user context for enumerating servers using ADSI The stored user profile will be useful for generating reports using NTFS Security Management Suite 2014 under the following scenarios e Using an alternate user account to connect to the domain to retrieve servers using ADSI e Providing credentials that have sufficient rights to enumerate shares present in computers within a domain The stored user profile persists for all subsequent logon sessions on the same computer where NTFS Security Management Suite 2014 is installed The stored user profiles are visible to the application under other logon sessions on the same computer The stored user profile created by NTFS Security Management Suite 2014 is restricted to the Windows User Profile context If the Windows User Profile is maintained locally NTFS Security Management Suite 2014 stored user profile is accessible only by the same user in the same computer If the user who creates NTFS Security Management Suite 2014 stored user profile has a Roaming user account in the enterprise the NTFS Security Management Suite 2014 stored user profile can be accessed by the same user in any computer in the Windows enterprise The stored user profile is a generic credential of Windows Stored User Names and Passwords applet Credential Manager and can be used by the application only The credential information is stored securely in a 256 bit encrypted format in Windows Stored User Names and Pass
320. ors saa Explicitly assigned Traverse Folder Ex Execute File ae Explicitly assigned Traverse Folder Execute File Explicitly assigned Traverse Folder Execute File 80 Chapter 3 NTFS Security Auditor List of effective permissions for specific users and groups on files This report lists the effective permissions assigned to a specific user group account for files available in a set of folders Click on Shares and Resources Hutton under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of effective permissions for specific users and groups on files Step 1of3 Select Report Select a report from the available Builtin Reports Description TE o This report lists the effective a List of permissions for specific users and groups on folders permissions assigned to a E List of permissions for folders Specific usergroup account for files available in a set of folders Permissions vee List of permissions for specific users and groups on files a List of permissions for files E List of all permissions for folders Inherited amp Explicit seve List of effective permissions for users and groups on folders seen List of effective permissions for users and groups on files vee List
321. ort ay E mail View Show All Show History Status Success From 4 29 2015 fle To 5 29 2015 H Generated on 29 May 2015 05 28 16 PM Date and Account Time Name lt Copy Account per 5 29 2015 5 25 51 Copy Permissions Wd40 test 5 29 2015 5 25 25 Copy Permissions f rd40 test 1 Selected Task Name Options Share Path Permissions Access Type Apply To Remove Source Act T 5 29 2015 5 24 51 Copy Permissions Ff rd40 TestShare 5 29 2015 5 23 49 Copy Permissions F rd40 test 1 Remove Source Aci 7 5 29 2015 5 23 13 CopyPermissions F rd40 TestShare 1 lt Grant permission 5 29 2015 5 15 36 voyager glory wd40 TestShare Read Allow This folder subfolg Add the new permis 1 5 29 2015 5 15 09 voyager adminuse rd40 TestShare 5 29 2015 5 14 08 VOYAGER gary VO wd40 Test 5 29 2015 5 12 42 voyager david voy rd40 TestShare 5 29 2015 5 11 36 voyager adminuse rd40 testshare in Read and Execute Allow Modify Allow Read and Execute Allow Modify Allow Thi Thi isfo is fo This fo Th is fo Ider subfol e Add the new permis 1 Ider subfol Add the new permis 1 Ider subfol e Add the new permis 1 Ider subfol e Add the new permis 1 j Select required From and To dates Select Grant Permissions in the View option Then click Show History button The Grant Permissions history will be displayed as shown below 510 Chapter 6
322. ounts For which you would like to grant permissions on shared Folder si File s Enter account name Ee Add to list oo Accounts from domainierver Browse and Select Accounts trom Scan Profiles Users sroupss Frequent Accounts ka oe Selected Accounts Accounk Name Accounk Type Remove A0VENTURE alec User 40VENTURE Angelo User ADYENTURE James User ADVENTURE michael User eed eens eee e Inthe subsequent steps select the necessary details for granting permissions for accounts present in the Scan Profile Users Groups 558 Chapter 6 Scan Profiles Manager About Scan Profiles Shares You can setup Scan Profiles Shares to scan a subset of shares present in computers and save these profiles for repeated use useful for repeatedly scanning and reporting on different subsets of share folders permissions For more information about Scan Profiles Shares follow the links given below e How to create Scan Profiles Shares e How to manage Scan Profiles Shares e How to apply Scan Profiles Shares 559 Chapter 6 Scan Profiles Manager How to create Scan Profiles Shares Perform the following steps to create a Scan Profiles Shares Sm Computers a ols Users and Groups 1 Select from the Configuration tab This action will launch the Scan Profiles Manager Shares dialog as shown below J Scan Profile Manager Shares fou can setup Scan Profiles Shares t
323. ounts from reporting select Exclude Accounts option Click Accounts button to launch Exclude Accounts window as shown below 66 Chapter 3 NTFS Security Auditor Exclude Accounts Exclude the following accounts Unknown Accounts E Disabled Accounts E Expired Accounts Additional accounts Accounts BUILTIN Administrators E NT AUTHORITY Authenticated Users NT AUTHORITY SYSTEM E BUILTIN Users Select the accounts which you want to exclude and click OK You can use Customize option to exclude some of the fields from the report as displayed below Ta Custom View Fields E Full Path Folder Path Sub Folders E Owner User Group Name E Account Type Type Inherited amp Explicit Effective Permissions F You can select Include group members option to include all the members of a group and their sub group members at all group levels in the report NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options 67 Chapter 3 NTFS Security Auditor Folder Path ME Indude sub folders Traverse ony level s of sub folder in the shared folder Apply this setting to all folders in list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window
324. oup Account s Select user and or group accounts for which you would like to view the permissions on files folders Account name ca Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Replicator Local Group BUILTIN Wsers Local Group e Enter the name of User Group in domain account name format and click Add to List to add the name to selected accounts list e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups e Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers 36 Chapter 3 NTFS Security Auditor View and Select Accounts UsersGroups available from computers displayed below S A Domain Controllers RD 10 e Use the Find option to search desired user group accounts Click Next to proceed 37 Chapter 3 NTFS Security Auditor Step 3 Select shared folders Select one or more servers to retrieve available shares Enter the tull path of a Shard Ect Shares folder paths from a text file properties for scanning each WRD 10 NETLOGON WRD 10 WEW TE
325. oup membership List of Effective Access for specific user and groups on folders List of folders that have permissions for Everyone group Step 2 Select shared folders Select one or more servers to retrieve available shares 198 Chapter 3 NTFS Security Auditor Security Vulne Step 2of2 Sele Enter the full pa folder paths fro default proper Share Folder UI are Folder Scan Profiles Computers Scan Profile S 2 cx al sam o E M tests oy Domain Controllers RD 10 ADMINS WAD1O CS The application displays all computers that are currently active in your network using the browser service lf some computers are missing your browser service may not be functioning properly Aternatively you may use the Active Directory services for computer enumeration 199 Chapter 3 NTFS Security Auditor Security Vulnerabilities List of permissions for disabled user accounts on folders Step 2o0f 2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Folder level WRD10 NETLOGON WRD10 NEW TEST FOLDER VWRDIOW tt test
326. out NTFS Security Manager Module NTFS Security Manager module provides a powerful Management tool for managing NTFS Security across your entire Windows network NTFS Security Manager module helps to manage the security of File systems in your servers and workstations e Grant permissions in bulk for multiple Accounts to your Files Folders and Shares e Replace existing permissions with new permissions e Remove selected Accounts with all its permissions from the Files Folders and Shares permissions list e Copy permissions from one File Folder and Share to bulk of Files Folders and Shares permissions list e Remove permissions from explicitly assigned Account permissions e Allow or Block inheritance from the parent Share Folder into the current File Folder and Share e View and Modify each Account permissions on Shares Folders and Files e Replace an account with another account in the shared folder file permissions list e Apply Central Access Policy on shared folder s file s e Revoke Central Access Policy from the shared folder s file s Vyapin s NTFS Security Management Suite 2014 has been architected using the latest Microsoft NET technology bringing you the best in breed NTFS reporting and management solution for your entire Windows Network The software is highly optimized for performance using native Windows API calls wherever appropriate resulting in fast data collection of permissions from Shares Folders and F
327. ove the inheritance and add the inherited permissions as explicit permissions in the permissions list Remove inherited permissions This option will remove the permission entries that were previously inherited from the parent and keep only those permissions explicitly selected here Caution Removing permission inheritance from parent may break permissions policies designed with the default inheritance option enabled Use this option after a careful review Example If the target share is already set to inherit permissions from parent object then this option will remove the inheritance from parent object Click Next to proceed to the Next step Step 5 Save as template Enter a name and description to save the input settings as a template You may reuse this template later Copy Permissions Wizard Step 5 of 6 Save as Template Optional Enter a name and description to save the input settings as a template You may reuse this template later Template Name copy permissions task 1 Template Description 458 Chapter 4 NTFS Security Manager Click Next to proceed to the next step Step 6 Summary This step displays the summary of all the input data along with the selected options Copy Permissions Wizard Step 6 of 6 Summary Report Shows the details of all inputs provided in the wizard Selection Summary Source shared folder file Vrd46 Test Folder Target shared folder s file s 1 rd46 Bulk fol
328. p 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder si File s C All existing permissions C Selected permissions El Advanced Permissions Traverse Folder E secute File E List Folder Read Data E Read Attributes Read Extended Attributes Access Control Type Allow Dery Revoke only if there i an exact match objects that have exactly these permissions Select ACE type and permissions to revoke the selected accounts on the selected shared folder s files s 387 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 3 of 5 Select Access Control type and permissions Select the access control type and permissions to revoke From selected shared Folder s Filets All existing permissions Selected permissions Full Control Modify eel Read and Execute List folder contents iM Read write J F Advanced Permissions C Traverse Folder Execute File List Folder Read Data W Read Attributes V Read Extended Attributes Create Files rite Data Create Folders 4 00end Data Access Control Type Wf Allow C Dery Revoke only if there is an exact match objects that have exacth these permissions Back Merck Cancel Click Next to proceed to the next step Step 5 Revoke permissions now or Schedule it to run later You may use either Run now or Run lat
329. pecially useful if you want to generate permissions reports for certain users and groups frequently The following shows permissions reports that involves specific users and groups Report Name List of permissions for specific users and groups Reports the folder permissions assigned to on folders specific users and or groups on a selected set of folders List of permissions for specific users and groups Reports the files permissions assigned to specific on files users and or groups under a selected set of folders List of effective permissions for specific users and Reports the effective permissions for specific groups on folders users and groups available in a set of folders List of effective permissions for specific users and Reports the effective permissions for specific groups on files users and groups for files available in a set of folders Scan Profiles Users and Groups and permission reports for specific users and groups You can apply a Scan Profile Users Groups to permissions reports either using Power Export Tool for off line generation or Interactive Report Generation This option will useful if permissions for certain Users and Groups need to be monitored frequently Rather than searching for Users and Groups adding then to account list and viewing their permissions You can use the create a subset of Users and Groups save them as a profile generating permissions reports for subset that of users and groups
330. pecific user and groups on folders Q Refresh Export Ey E mail Report Details Report Name List of Effective Access for specific user and groups on folders Generated 0n 11 4 2014 6 47 27 PM Status Success Object User Group Account Folder Path Sub Folders Type Owner rath Type Type Inherited amp Explicit Effective Permissions RD10 NETLOGON NETLOGON Folder BUILTIN Administr PHOENIX adminus User Active Inherited from BUILTIN Administrator Traverse Folder Execute File PHOENIX Administi User Active BUILTIN Administr Alias Explicitly assigned group BUILTIN Guests Alias Explicitly assigned group PHOENIX sam User Active PHOENIX adminus User Active PHOENIX adminus User Active Inherited from BUILTIN Administrator Traverse Fol der Execute File BUILTIN Users Alias Explicitly assigned group RD10 Ntfs testfolder p Ntfs test folder pe Folder PHOENIX adminus PHOENIX adminus User Active BUILTIN Administr Alias Explicitly assigned group Full control BUILTIN Users Alias Explicitly assigned group PHOENIX sam User Active Inherited from BUILTIN Guests gt CN PHOENIX adminus User Active BUILTIN Guests Alias PHOENIX Administ User Active New Text Docume File PHOENIX adminus BUILTIN Administr Alias Ntfs test folder pe Folder PHOENIX adminus PHOENIX adminus User Active m 222 Chapter 3 NTFS Security Auditor List of folders that have permissions for Everyone group Thi
331. ple sharing folders from their workstations Are there Shares in workstations that need further security scrutiny e What type of permissions and conditions have been configured for each the Central Access Rules CAR in Central Access Policy CAP over the domain controller Windows Server 2012 e Who have access limited permissions by Dynamic Access Control DAC Central Access Policy CAP on Which folder e Which shared folders and subfolders in Windows Server 2012 have been affected not affected by the Central Access Policy With Vyapin s NTFS Security Auditor Module you can perform a complete security scan of Shares Folders and Files present in your network You can perform an automated inventory of permissions on Folders and Files at regular intervals and keep a constant watch on the health of your NTFS security You can also view the effective DAC Dynamic Access control permissions in Windows Server 2012 Our solution provides a variety of audit reports that are simple elegant and highly customizable for System Chapter 1 General Information Administrators IT infrastructure Managers and Systems Audit personnel to use and act on There are several powerful ready to use reports that assist in both Management reporting and Compliance reporting requirements such as SOX and HIPAA Vyapin s NTFS Security Auditor serves your needs of administrative tasks as well as complex data preparation tasks for assisting in compliance Ab
332. port Select a report from the available DAC Reports Description This report lists the effective DAC permissions for the Effective DAC permissions for Accounts having permissions on specific folders specified users and groups List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies E E DAC Reports Effective DAC permissions for specific users and groups on folders Click Next to proceed to the next step Step 2 Account Selection 1 Select the accounts for which you wish to view the DAC permissions 2 The selected accounts will be added to the wizard as shown below 100 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for specific users and groups on folders Step 2o0f3 Select User Group Account s Select accounts for which you would like to view the DAC permissions on folders Enter account name Accounts from domain server Browse and Select Accounts from Scan Profiles UsersSroups Select a Profile Selected Accounts Account Name e Enter the name of User Group in domain account name format and click Add to List to add the name to selected accounts list e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile For more information on Scan Profiles click About Scan Profiles Users Groups e Use Browse and Select option to retrieve user
333. ports the Central Access Policies CAP and Access Rules on the Domain Central Access Rules configured for a domain Folders affected not affected by DAC Central Reports the folders affected not affected by the Access Policies DAC Central Access Policy and Central Access Rules Note The DAC Reports feature can run on Windows 8 Windows 8 1 Windows Sever 2012 and Windows Server 2012 R2 computers only 98 Chapter 3 NTFS Security Auditor How to view the effective DAC permissions for the specified accounts Effective DAC permissions for specific users and groups on folders DAC Reports Click on button The DAC Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time DAC Reports Step 1of3 Select Report Select a report from the available DAC Reports Description g E DAC Reports Select a report from the Hi Effective DAC permissions for specific users and groups on folders available DAC Reports sete Effective DAC permissions for Accounts having permissions on specific folders see List of Central Access Policies CAP and Central Access Rules on the Domain Folders affected not affected by DAC Central Access Policies 99 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for specific users and groups on folders Step 1of3 Select Re
334. ports using the options below In case of export option for each task a sub folder with the task name will be created under the specified export path All selected reports will be exported to a time stamped folder in the format yywyy mm dd hh mm ss under the task name folder Expert Type Export Export Path Users Public Documents NTFS Security Manageme Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path Click Additional E mail Settings button to specify optional e mail settings as shown below 297 Chapter 4 NTFS Security Manager You can customize the SMTP Server From and oe address Subject and body of the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 298 Chapter 4 NTFS Security Manager Step 5 Schedule Settings a Power Export Built in Reports Step 5of6 Schedule Settings Enter a unique task name and specify its schedule settings Task Name effective folder perm Spedfy an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser 3 Schedule Task Daily Every 1 day s Enter a unique name for the task
335. pter 1 General Information How to activate the software Once you purchase the software online or through any one of our resellers you will receive a sale notification through e mail from our sales department We will send you an e mail with the necessary instructions to activate the software In case you do not receive an e mail from our sales team after you purchase the software please send the following information to our sales department at sales vyapin com with the sales order number e Company Name End user Company Name e Location City amp Country for the Company Name given above Please allow 12 to 24 hours from the time of purchase for our sales department to process your orders Activate NTFS Security Management Suite 2014 License Type NTFS Security Auditor Evaluation Copy NTFS Security Manager Evaluation Copy To activate the software copy and paste the license key in the textbox below License Key Cancel Image 1 Activate screen Perform the following steps to activate the software 1 Download evaluation trial copy of software from the respective product page available in our website at http www vyapin com 2 Install the software on the desired computer You will receive a license key through e mail as soon as the purchase process is complete 4 Click Activate in Application Menu gt About gt Activate menu to see the Activate dialog as shown in Image 1 5 Copy the license key sent
336. puters in NTFS Security Auditor Module You can apply a Scan Profile to one or more reports to restrict the list of computers during report generation This is especially useful if you want to generate reports for a subset of computers This page covers the following topics with regard to usage of Scan Profiles e Scan Profiles and Power Export Tool off line report generation e Scan Profiles and Interactive Report Generation Scan Profiles and Power Export Tool off line report generation You can apply a Scan Profile to one or more reports using the Power Export Tool for off line generation to restrict the domain scope and to scan and collect data for a subset of computers in the network The report data will be collected for all computers in the applied Scan Profile However if the applied Scan Profile becomes unavailable during report generation likely to happen if the Scan Profile is accidentally deleted the report data will not be collected at all and will result in an error Furthermore if there are no computers to be found in the Scan Profile for a domain for which the report is being generated then the report generation will fail as well This is likely to happen if the domain is not included in the Scan Profile or none of the computers in the domain are running the Windows version setup in the Scan Profile Scan Profiles and Interactive Report Generation You may also apply a Scan Profile to reports and view the data in interact
337. r Apply this setting to all folders in list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below Q Refresh jsp Export P Filter Sy E mail Report Details Report Name List of permissions for files Generated on 07 Jun 2014 12 16 10 PM Folder File Folder File Path Name RD10 NETLOGON NETLOGON Foie te Owner User Name Dero Type Type Folder BUILTIN Administr BUILTIN Administr Group Access Type Member Members Type PHOENIX Administ User Full Control Apply To Subfolders andfiles only PHOENIX Domain 4 group PHOENIX Administ No Traverse Folder E This folder only Full Control Traverse Folder E Subfolders andfiles only This folder only PHOENIX adminus No Full Control Traverse Folder E Subfolders andfiles only This folder only PHOENIX adminus No PHOENIX adminus No Full Control Subfolders andfiles only Full Control Traverse Folder E This folder only Subfolders andfiles only PHOENIX adminus No Traverse Folder E This folder only Full Control Traverse Folder E Subfolders andfiles only This folder only PHOENIX adminus No Traverse Folder E Subfolders andfiles only This folder only PHOEN X Enterpris group PHOEN X Administi No
338. r s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Security Vulnerabilities Reports List of user accounts that have indirect access to folders due to nested group membership Q Refresh 6 Export Ey E mail Report Details Report Name List of user accounts that have indirect access to folders due to nested group membership Generated On 11 4 2014 7 21 23 PM Status Success Object User Account Sub Folders Type Owner Nisa Type RD10 NETLOGON NETLOGON Folder BUILTIN Administrat CN adminuse User Active CN adminuse User Active Folder Path Security Inherited Apply To Inherited From Traverse Folder 5 No Traverse Folder No This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOENIXY This folderonly BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOENIX BUILTIN Administrators gt PHOENIX Enterprise Admins gt PHOENIX CN adminuse User Active CN adminuse User Active CN adminuse User Active CN adminuse User Active PHOENIX Adm User Active CN adminuse User Active CN adminuse User Active CN Administr User Active PHOENIX Adm User Active CN Administr User Active CN adminuse User Active CN Administn User Active Traverse Folder 5 No Full Control No Full Control No Full Control No Full Control No Traverse Fol
339. r 3 NTFS Security Auditor Step 3of3 Sele Enter the tull path elect at ares eal sea i View and s select Shares and Folders available from computers displayed below dh Add Domains 5 Domain Controllers a RD10 p Bonet apy foe CS er Options same permissio 101S 5 Indude group n WRD10 TestsnareFolder tomize 77 Chapter 3 NTFS Security Auditor Built in Reports List of effective permissions for specific users and groups on folders Step 3of3 Select Shared Folder s Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Indude sub folders Folder level WRD10 NETLOGON True All YRD10 WEW TEST FOLDER True All WRD10 WEW TEST FOLDER SHARE True All gt Do not display folders that have the Edit Folder Options same permissions as the parent folder Indude group members You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import butto
340. r File Path PHOENIX adminus No Full Control Subfolders andfiles only J Traverse Folder TE This folder only PHOENIX adminus No Full Control Subfolders andfiles only Traverse Folder 5 This folder only PHOENTX adminus No Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENIX adminus No Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENTX adminus No Full Control Subfolders andfiles only Traverse Folder I5 This folder only PHOENIX Enterprise Ad group PHOENIX Administ No Full Control Subfolders andfiles only Traverse Folder E This folder only c a 53 Chapter 3 NTFS Security Auditor List of permissions for files This report allows you to view the associated permissions for specific files Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of permissions for files Step 1of2 Select Report Select a report from the available Builtin Reports Description This report lists the permissions assigned to E List of permissions for folders files under a specific folder a 4 Permissions List of permissions for specific users and groups on folders List of permi
341. r which you want to exclude and click OK 8 You can use Customize option to exclude some of the fields from the report as displayed below m E Full Path Folder Path Sub Folders E Owner User Group Name E Account Type Type Inherited amp Explicit Effective Permissions T gt lectAll Clear All Cancel 9 Select the customize options as required and click OK 303 Chapter 4 NTFS Security Manager 10 Click Next to proceed to the Next step Step 3 Additional report settings A Power Export Built in Reports Step 3 of 6 Additional report settings Select additional report settings Additional Report Settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail E mail Settings Indude errors as part of the report Highlight Errors Access is denied E The specified network name is no longer available E The specified path file name or both are too long E Blocked Inheritance F Full Control Modify E Delete Indude group members information 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the val
342. ration 203 Chapter 3 NTFS Security Auditor Security ate List of permissions i eet having Ene cere on eee 2s Step 2o0f 3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC a A folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the FEE default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path WRD10 NETLOGON WRD10WEW TEST FOLDER WAD 10 NEW TEST FOLDER SHARE RD10 Ntfs test folder permissions Indude files present inside folders Set sub folder levels Indude Group members You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders option to include all files from the specified folders in the report You can select Include Group members option to include all the members of a group and their sub group members at all group levels in the report Use Set sub folder levels option to view permissions in the selected levels of sub fo
343. red folder s Copy Pennissions From Account name E Remove Source Account from the ACL after the copy operation Copy Pemissions To Account name Accounts from domain server Browse and Select Accounts fram Scan Profiles Users Groups Select a Protile Accounts Account Name Account Type Enter a user or group account for which you wish to Copy Permissions From Note The source account to copy permissions From must be available in the ACLs of the selected shared folder s Use Remove Source Account from the ACL after the copy operation option to remove the source account from the ACL once the copy operation is complete Select the list of user or group accounts for which you wish to Copy Permissions To 469 Chapter 4 NTFS Security Manager oOpyY ACCOUNT FEMMISSIONS wWeizare I POE ASS PSS Va leoe Step 2 of 3 Select user group account s Enter a user group account to copy permissions From and select the list of account s to copy permissions To Note The source account to copy permissions From must be available in the ACLs of the selected shared folder s Copy Pennissions From Account name phoenisam 0 Remove Source Account from the ACL after the copy operation Copy Pennissions To Accounts from domain server Browse and Select Accounts fram Scan Profiles Users Groups Select a Protile Accounts Account Name Account Type phoenix adminuser2 phoenix saru Click Next to proc
344. rent This option will allow the selected shared folder s file s to inherit permissions from its parent object Example If the share do not have any inherited permissions and the inheritance from the parent object blocked then this option will allow inherited permissions from the parent object Copy inherited permissions This option will copy the permission entries that were previously inherited from the parent to this selected shared folder s file s 354 Chapter 4 NTFS Security Manager Example If the share already allowed to inherit permissions from parent object then this option will remove the inheritance and add the inherited permissions as explicit permissions in the permissions list Remove inherited permissions This option will remove the permission entries that were previously inherited from the parent and keep only those permissions explicitly defined granted here Caution Removing permission inheritance from parent may break permissions policies designed with the default inheritance option enabled Use this option after a careful review Example If the share is already set to inherit permissions from parent object then this option will remove the inheritance from parent object Click Next to proceed to the Next step Step 5 Save as template Enter a name and description to save these settings as a template for reuse later Grant Permissions Wizard Step 5 of 6 Save as Template Optional Enter a name and
345. rent folder option would be enabled by default You can use Customize option to exclude some of the fields from the reports as displayed below 141 Chapter 3 NTFS Security Auditor E Full Path Folder File Path Object Type Folder File Name Permissions Access Control Type Inherited Owner NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path its Include sub folders E Traverse only 1 level s of sub folder in the shared folder F Apply this setting to all folders in list Use Set Search Pattern option to exclude sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share 142 Chapter 3 NTFS Security Auditor Power Search Wizard Permissions DACL Step 1 of 4 Shared Folder s Files Enter the full P Folder Search Options paths from a td ee a scanning each Starts with Ends with share Include files present inside folders Click Next to proceed to the next step Remove 143 Chapter 3 NTFS Security Auditor Step 2 Select Access Control Entry Type and Permissions Select ACE Type and permissions to search in the Access Control List of the selected share s folder s files s UR rna a see
346. rent owner BUILTIN Administrators Allow Inherited pennissions from the parent to propagate to this object Select Scan Profiles Computers and follow the steps below e Select one or more servers to enumerate its shared folder file e Select a shared folder file path 127 Chapter 3 NTFS Security Auditor Permissions CREATOR OWNER Full Control NT AUTHORITY SYSTEM Modify BUILTIN Administrators Read and Execute List folder cont 5 Scan Profiles Computers BUILTIN Users Read d Share Serwer Write d i DISCOVERY Special permissions MEEA eee ACETyp inherted CREATOR OWNER NT AUTHORITYSSYS WRD46 Share folde BUILTIN Administrators EE WRD46 sony BUILTIN Users EE WRD46 test group BUILTIN Users EE WRD46 new BUILTIN Administrators Yes ES WRD46 ExchangeUl NTAUTHORITY SYS Allow Yes fee WRD4ENE ffective CREATOR OWNER Allow Yes Ee WRD46 BMW share BUILTIN Users Allow Yes EE WRD46 Example Curent owner BUILTIN Administrators E WAN4RIFechannen T Allow Inherited permissions from the parent t to propagate to this object Select Scan Profiles Shares and follow the steps below e Select Shares profile and enumerate its shared folder s file s list e Select a shared folder file path 128 Chapter 3 NTFS Security Auditor Permissions Allow DISCOVERY adminuser Full Control WIN12 adminuser Modify WIN 12 test Read and Execute List folder cont BUILTIN Admi
347. reports generated For e mailing reports NTFS Security Management Suite 2014 requires SMTP Server From E mail Address To E mail Addresses recipients separated by semicolon and the e mail report format NTFS Security Management Suite 2014 maintains a single SMTP Server and a From E mail Address for use by all reports You can specify a separate set of To e mail addresses recipients e mail report format subject and body of the message for each reports You can set SMTP Server and From Address by clicking Configuration gt Configuration Settings in the NTFS Security Management Suite 2014 main application window as shown below Configuration Settings E mail Settings Specify the SMTP Server name and Sender From e mail address to send the generated reports through e mail a Computer Enumeration An SMTP server is the server that is used for your outgoing e mail JA Domain Credentials SMTP Server d45 When you send e mail your name will appear in the from of the outgoing message Type your name as you would like it to appear I J Database Settings vee a NTFS Security Manager From Address Alex E Fring researchlab com fq NTFS Security Auditor Ex someone example com igi Module Listing Show at startup 26 Chapter 3 NTFS Security Auditor User Connection Profiles NTFS Security Management Suite 2014 creates a user profile in Windows Stored User Names and Passwords applet Credential Manager in order to st
348. response Include the version of the product you are using If the problem is associated with installation include the steps that led to the problem If the problem is associated with usage please state the series of steps you performed Include the version of the OS info about any service packs or hot fixes and local language of the OS installed e Attach the Error Log File available in the common application data path of NTFS Security Management Suite 2014 e g lt Application Data gt NTFS Security Management Suite 2014 NTFSSecurityManagementSuite2014ErrorLog Log 20 0 Note lt Application Data gt is the common area where NTFS Security Management Suite 2014 settings will be stored in the computer running NTFS Security Management Suite 2014 The lt Application Data Folder gt can be found from the Help gt About screen The default path of lt Application Data Folder gt is as follows The path will be as follows a Windows XP Windows 2003 C Documents and Settings All Users Documents b Windows Server 2008 Windows Server 2012 Windows Vista Windows 7 Windows 8 C Users Public Documents Chapter 2 Configuration Settings Configuration Settings Database Settings Computer Enumeration Configuring Domain Credentials Add a domain Edit a domain Delete a domain Add domains from forest Configure SMTP serves User Connection Profiles Module Listing Chapter 2 Configuration Settings Database
349. rights for the owner or the currently logged on user to perform this operation Example If the share has some subfolders and files with the blocked inheritance then this option will assign permissions based on the selected options Remove all existing accounts and replace with the selected accounts and permissions This option will remove all existing accounts that have explicitly assigned permissions for the selected shared folder s file s and replace them with the selected accounts and permissions Note that this will not remove inherited permissions from parent folder Caution All existing account permissions will be cleaned up completely and the newly selected permissions will be applied Example If the share has 7 accounts then this option will remove all the 7 accounts and replace with the new selected accounts and permissions Replace all child objects existing permissions with the inheritable permissions from this object This option will remove explicitly defined permissions on all descendants of the selected shared folder s file s and replace them with inheritable permissions from the selected shared folder s file s Example If the share has some subfolders with the explicitly assigned permissions and some subfolders with blocked inheritance then this option will remove all explicitly assigned permissions of subfolders and allow inherited permissions from the parent object Allow inherited permissions from this object s Pa
350. rity Management Suite 2014 creates NTFSSecurityManagementSuite2014 CLIENTO1 with data NTFSSecurityManagementSuite2014 CLIENTO1 mdf and log NTFSSecurityManagementSuite2014 CLIENTO1_log LDF files stored in the default SQL data folder in the SQL server for example C Program Files Microsoft SQL Server MSSQL 1 MSSQL Data 11 Chapter 2 Configuration Settings NTFS Security Manager module stores its data in use MS Access database Configuration Settings NTFS Securty Manager Module stores its data in MS Access Only g General jf Computer Enumeration f Domain Credentials A User Connection Profiles a E mail Settings ij Database Settings vee F NTFS Securty Manager NTFS Security Auditor M Module Listing Database cleanup NTFS Security Management Suite 2014 will delete the application database while uninstalling the NTFS Security Management Suite 2014 application from the computer 12 Chapter 2 Configuration Settings Configure Computer Enumeration For enumerating computers in your network automatically NTFS Security Management Suite 2014 uses either Computer Browser Service or Active Directory Services Select an option for enumerating computers in your domain as shown below You may use the Browser service if you have a smaller network as it may take time for the Browser service to respond to data requests on large networks The advantage of a Browser service is that i
351. rity Manager Apply this setting to all folders in list 5 Modify the folder options as required and click OK 6 You can use Customize option to exclude some of the fields from the report as displayed below E Full Path Folder Path Sub Folders E Owner UserSroup Name E Account Type Type Inherited amp Explicit Effective Permissions 7 Select the customize options as required and click OK 8 Click Next to proceed to the Next step 312 Chapter 4 NTFS Security Manager Step 4 Additional report settings A Power Export Built in Reports Step 4 of 7 Additional report settings Select additional report settings Validate for Errors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail eee ae Access is denied Indude errors as part of the report The specified network name is no longer available The specified path file name or both are too long E Highlight Items Permissions Accounts i F Blocked Inheritance F Full Control E Modify F Delete Indude group members information 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate th
352. rmissions for users and groups on files E List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 1 Select Permissions Reports from the select report category drop down list Select the desired report Only one report may be selected to run in a single task 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step 255 Chapter 3 NTFS Security Auditor Step 2 Shared Folder Selection A Fower Export Built in Reports Step 7 of 6 Shared Folder Selection Enter the full path of a Share or Shared Folder Click 4dd From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of permissions for folders UNC Path Folder Path Indude sub fold Folder level VAD 10 TestShareFolder True All Do not display folders that have the same permissions as the parent folder Edit Folder Options Exclude Accounts Exclude inherited permissions 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent
353. rors Generate report ignoring any errors found Generate report only if no errors were found Send error report through e mail Highlight Errors Access is denied The specified network name is no longer available The specified path file name or both are too long Indude errors as part of the report E Highlight Items Permissions Acco F Blocked Inheritance F Full Control E Modify F Delete Indude group members Indude group membership Indude SID 1 Select the Validate for Errors option for validating the folders files based on the folder traversal option selected before proceeding to report generation o Generate report ignoring any errors found This option will validate the folders files path s and generate the report even if errors are encountered during the validation option o Generate report only if no error were found Send error report through e mail This option will validate the folders files path s and skip the report generation if errors were encountered during the validation option It will then email the error s encountered during the validation process to users 2 You may select Include errors as part of the report option for including the error information of folders files into report data Select error information that needs to be highlighted 3 You may also select Highlight Items for highlighting rows containing
354. rs RD 10 ADMINS RD10 cs The application displays all computers that are currently active in your network Indude files 9 using the browser service lf some computers are missing your browser service may not be functioning properly Aternatively you may use the Active Directory services for computer enumeration 224 Chapter 3 NTFS Security Auditor Security Vulnerabilities List of folders that have permissions for Everyone group Step 2of 2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile Folder Path Folder level WRD10 NETLOGON WRD10 NEW TEST FOLDER VWRDIOW tt test folder permissions Indude files present inside folders Set sub folder levels You may also enter the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file and CSV file by using the Import button You can select Include files present inside folders opti
355. rt Built in Reports Step 2 of 6 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Report List of all permissions for folders Inherited amp Explicit UNC Path Scan Profile Shares Select a Profile m ao Folder Path ve Polder level VRAD 10 TestShareFolder All Do not display folders that have the same permissions as the parent folder Edit Folder Options 1 Select the desired folder s for which you wish to run the permissions report You may also click Import button to import a list of UNC folder paths from a text file 3 Folders that have identical permissions as the parent folder would show up with Same as parent in User Name and or Security fields in the report However if you do not want folders with identical permissions as the parent folder reported then select Do not display folders that have same permissions as the parent folder option This option will not report folders with identical permissions as the parent folder 284 Chapter 3 NTFS Security Auditor 4 NTFS Security Auditor defaults to scanning all the sub folders for a given folder If you want to modify the Include sub folders and sub folder level options click Edit Folder Opt
356. rt generation You can apply a Scan Profiles Shares to permissions reports using Power Export Tool for off line generation Power Export Standard Reports gal Shares and Resources scheduled Tasks button in the toolbar Click on Select any one of the permissions reports listed above and click Next to proceed In the next step select the option Select a Scan Profiles Shares as shown below 569 Chapter 6 Scan Profiles Manager K Fower Export Built in Reports Step 2 of 5 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths trom a text tile select a folder in the list below and Click Edit Folder Options ta modity the default properties for scanning each folder Report List of permissions for folders UNC Path Scan Profile Shares Select a Protile CE Folder Path Include sub Fold Folder level Add From Import lt Back Mesck gt Close e Inthis step the list of shares present in Scan Profile Shares will be loaded to the selected account list as shown below 570 Chapter 6 Scan Profiles Manager K Fower Export Built in Reports Step 2 of 5 Shared Folder Selection Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths trom a text tile select 4 f
357. rted IF Address Host Mame 10 10 10 44 ACVENTUIREVO49 o Changes to the external text file will not automatically be reflected in the Scan Profile You need to edit the Scan Profile and re import the updated IP address list from the file 4 Click OK to save the Scan Profile for later use 535 Chapter 6 Scan Profiles Manager How to manage Scan Profiles Computers AOMPuUTErS ais Users and Groups Shares l Click in Configuration tab to launch the Scan Profiles Manager The Scan Profiles Manager shows the list of Scan Profiles available Scan Profiles Manager Computers You can setup Scan Profiles to scan a subset of computers in the network and save these profiles For repeated use This window lists available profiles Click Mew to create a new profile Click Edit to modify selected profile Click Delete to delete a profile Click Preview to view the contents of a profile Database Servers Resource Serve Winzekl1 Workstations About Scan Profiles w The Scan Profiles Manager allows you to perform the following operations e Create a new Scan Profile e Edit an existing Scan Profile e Delete a Scan Profile e Preview the list of computers in a Scan Profile Create a new Scan Profile 1 To create a new Scan Profile click New 2 Follow the steps as outlined in How to create Scan Profiles 536 Chapter 6 Scan Profiles Manager Edit an existing Scan Profile To edit a Sc
358. rts The built in reports have been categorized to the following Permissions Reports Shares and Resources reports 242 Chapter 3 NTFS Security Auditor Schedule Permissions Built in Reports Permissions Reports Permissions Reports includes reports that focus solely on reporting the access permissions assigned to users and groups on objects such as folders etcetera List of permissions for specific users and groups on folders List of permissions for folders List of permissions for specific users and groups on files List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files 243 Chapter 3 NTFS Security Auditor List of permissions for specific users and groups on folders This report allows you to view folder permissions for specific users and groups eee ef Shares Folders and Files 8 Shares and Resources bring up the Power Export Wizard Step 1 Report Selection Power Export Built in Reports Step lof Report Selection Select the desired report to proceed Only one report can be selected in this category List of permissions for specific users and groups on folders 3 List of permissions
359. rts How to manage Power Search 137 Chapter 3 NTFS Security Auditor About Power Search The Power Search feature lets you perform powerful conditional Search queries of NTFS Permissions on Files and Folders You may select specific permissions from the list of standard permissions and Advanced special permissions and run a query to determine who have these permissions on which folders and files You may Save frequently used queries for reuse them later Here are some examples of how you may make effective use of this feature Search on who has Full Control on which folders and files Select a set of accounts and determine for which folders and files they have Full control access Determine which accounts have modify or delete permissions on critical files and folders Determine what type of permissions members of the Administrators group have on specific folders and files Determine where Inheritance from Parent folder has been explicitly removed Determine Accounts for which folders have explicit Allows or Denys set on them ese ee ed 138 Chapter 3 NTFS Security Auditor How to view Power Search Permissions DACL Reports i rermmsstons ALL Exceptions DACL Permissions SACL Click on Za aNed Search button under Power Search The Power Search window will be displayed as shown below Step 1 Select Shared Folder s Files Select one or more servers to enumerate its Shared Folder s Files Aer n
360. rty Management Suite 2014 ahi E General an ai Computer Enumeration fA Domain Credentials A User Connection Frofiles O Show licensed modules only T E mail Settings ii Database Settings Show all modules A NTFS Security Manager fia NTFS Security Auditor F Module Listing e Use the Show all modules option to view all available modules in the NTFS Security Management Suite 2014 e Use the Show licensed modules only option to hide the license expired modules in the NTFS Security Management Suite 2014 30 Chapter 3 NTFS Security Auditor NTFS Security Auditor Standard Reports Built in Reports DAC Reports Security Viewer Power Search Power Export 31 Chapter 3 NTFS Security Auditor Built in Reports About Built in Reports How to view Built in Permissions Reports How to view Built in Reports for Shares and Resources 32 Chapter 3 NTFS Security Auditor About Built in Reports Built in reports are a set of predefined reports that are based on some of the common tasks in NTFS permissions reporting Built in reports are easy to use because of the built in queries that speed up the report generation process The built in reports feature provides reports in the following categories Permissions Reports Shares and Resources 33 Chapter 3 NTFS Security Auditor How to view Built in Permissions Reports Permissions Reports Permissions Reports includes reports th
361. rugan S15 21 3221124959 1708411652 13110397 Creata Falders Append Data BUILTIN Administri ADVENTURE nanes 5 1 5 21 3221 194958 1708411652 13110397 WRDSS TestShare Folder TestShare Read Extended Attributes i BUILTIN Administr ADVENTURE sample gri S 1 5 21 3291124950 170841 1652 13110297 Write Attributes BUILTIN Administr ADWENTURE sample an S d F21 322711950 1708411552 13110307 Read Extended Attributes BUILTIN Administ ADVENTURES ample m 5l 21 3221124958 1708411652 13110397 Write Extended Attributes i i BUILTIN Administr ADVENTURE Stewe Aust 1 5 21 3221124958 1700411652 13110397 WRDS5 TestLocear Folder _TestLocagroups Read Miributes l BUILTIN Administr ADVENTURE Yoganand ca a 135110397 eee oo 168 Chapter 3 NTFS Security Auditor How to manage Power Search Permissions DACL Exceptions DACL Permissions SACL Click to launch the saved search s window The windows shows the list of search s that were saved over the period of time Power search Reports This window shows the list of saved Power Search reports Select a saved search report from the list of saved searches to proceed Click Edit to edit the search settings Delete to delete the search Aun to generate the search report View Details to view the search settings SLUMMary Search Name Search Desorption SeT fan Cess Chec k SETS phig Capri modify The saved se
362. rver E Windows NT Workstation KIT Mm cancel i Select Select specific Windows version s option ii Select one or more Windows versions Only computers running the selected Windows version will be included in the computer list iii You may optionally select specific domains from the list of domains to include computers only from the selected domains If you choose not to select any domains then the Scan Profile includes all domains in the network Note This type of profile is dynamic in nature in that the list of computers are prepared at run time that is at report generation time C Importing list of computers from a text file 532 Chapter 6 Scan Profiles Manager scan Profile Computers mE You can specify a computer list by using either the Import option or by selecting computers From the network Or you may select specific versions of Windows Profile Mame Profile Select computers From network Select specific Windows version s Import list of computers From text File Import list of IP addresses From text File File Moke CHUsers Administrator Desktop workSkationsList tt The file should contain computer names in the Format Romain Computer with each entry Click here to view a sample Note Import Cancel Select Import list of computers from text file option Click browse
363. s Example If the share has some subfolders with the explicitly assigned permissions and some subfolders with blocked inheritance then this option will remove all explicitly assigned permissions of subfolders and allow inherited permissions from the parent object Allow inherited permissions from this object s Parent This option will allow the selected shared folder s file s to inherit permissions from its parent object Example If the share do not have any inherited permissions and the inheritance from the parent object blocked then this option will allow inherited permissions from the parent object Copy inherited permissions This option will copy the permission entries that were previously inherited from the parent to this selected shared folder s file s Example If the share already allowed to inherit permissions from parent object then this option will remove the inheritance and add the inherited permissions as explicit permissions in the permissions list Remove inherited permissions This option will remove the permission entries that were previously inherited from the parent and keep only those permissions explicitly defined granted here Caution Removing permission inheritance from parent may break permissions policies designed with the default inheritance option enabled Use this option after a careful review 409 Chapter 4 NTFS Security Manager Example If the share is already set to inherit permissions from p
364. s ccounts Advanced Permissions Account Name ACEType Inherited Select Apphyonto option e Click the option Add From e Select one or more servers to enumerate its shared folder s file s 402 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 1 of 6 Select Sb Enter the Full path select Shares From a text File view and select Shares and Folders available From computers displayed below Share Folder UNC F i ADVENTURE Scan Profile Share i Domain Controllers o D RD49 Folder Path 3 3 NRD49 Address Add From _ s WRD49aDMIN m E WRO4S adminuser Folder WRO49 basic per LJ WRD491Bulk Test Folder WRD49 Bulk best Folder 1 E WROD BulkTestwithoutSameasparent LJ WRD LJ Wrpssips Weo4sies Cancel Cancel e Use Select a Scan Profile Shares option to use the shares added in the profile 403 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the Full path of a shared Folder file Click Add From to load the list of shares Import to import a list of UNC Folder paths Fron a text file and CSY file Share Folder UNC Path oe Scan Profile Shares best profile Folder Path rl PTGLit WERD49 Address WRD49 basic per Import WRD4S Bulk Test Folder WRO 4 9 Bulk best Folder 1 WAD4S EFF supp Folder Remove Merck Cancel You may also t
365. s E Read Extended Attributes E Create Files write Data E Access Control Type e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Revoke Permissions from selected Shares permissions list 373 Chapter 4 NTFS Security Manager How to revoke the Orphaned SIDs from the share permissions list The Revoke Permissions feature allows an option to revoke Orphaned SIDs from the share permissions list Revoke Permissions Click button The Revoke Permissions window will be displayed e Follow the steps 1 through 2 as outlined in How to Revoke permissions from the selected shares permissions list Step 3 User and or Group selection Select the Orphaned SIDs option and click Select button Revoke Permissions Wizard Step 2 of 5 Select user group account s Select the user and or group accounts for which you would like to revoke permissions on selected shared folder s file s O All existing accounts that have been assigned explicit pennissions Selected accounts Orphaned SIDs Select Orphaned SIDs Orphaned 5 Ds found in the selected shared folder s file s SID E 5 1 5 21 2016690531 1711533783 2620996624 7215 E 5 1 5 21 2016690531 1711533783 2620996624 7216 E S 1 5 21 2016690531 1711533783 2620996624 7 122 E S 1 5 21 2016690531 1711533783 2620996624 7128 Select the Orphaned SIDs in Select Orphaned SIDs dialog Once SID selection is co
366. s in the shared folder Include only leat nodes in the shared folder Include upto N level s of sub folder s in the shared folder This option will view permissions from sub folders which are upto the specified folder traversal level 196 Chapter 3 NTFS Security Auditor Include only Nth level of sub folder s in the shared folder This option will view permissions from sub folders which are in the specified folder level only Include folders after N level s of sub folder s in the shared folder This option will view permissions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Q Refresh 3 Export Gy E mail Report Details Report Name List of permissions for orphaned accounts on folders Generated 0n 11 4 2014 7 33 52 PM Status Success Folder Path Sub Folders oa Owner User Name Toe inherted Securty Apply To RD10 Test folder Test folderpermissions Folder PHOENIX adminus S 1 5 21 23663726 Allow Read and Execute List Fold This folder subfolders and files 1 5 21 23663726 Allow Read and Execute List Fold This fol
367. s Local Group BUILTIN Remote Desktop Users Local Group BUILTIN Replicator Local Group UILTIN Server Operators Local Group BUILTIN Users Local Group Enter User Group name in domain account name format and click Add to List to add the user group to the selected accounts list 187 Chapter 3 NTFS Security Auditor Use Select a Scan Profile Users Groups option to use the users and groups added in a profile For more information on Scan Profiles click About Scan Profiles Users Groups Use Browse and Select option to retrieve users and groups from servers or Scan Profile Computers i Select Accounts View and Select Accounts Users Garoups available from computers displayed below da Add Domains Ee Scan Profiles Computers cx Sa Sample Scans Gy Domains amp Ea PHOENIX i Domain Controllers d Ro10 Use the Find option to search desired user group accounts Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below 188 Chapter 3 NTFS Security Auditor i Refresh p Export Er E mail Report Details Report Name List of all explicit permissions for folders Generated 0n 12 30 2014 6 55 02 PM Status Success Folder Path oi Pokies Tki E Ta T Ee ae a Security Apply To RD10 NETLOGON NETLOGON Folder BUILTIN Adminis BUILTIN Administ coe falom falconi Subfolders andfiles only
368. s and follow the steps below e Select and traverse one or more directory to enumerate its subfolders and files e Selecta directory or subfolder file path 417 Chapter 4 NTFS Security Manager Permissions Modifier Share4Folder path Grant permissio E Add Domains amp Refresh Scan Profiles Computers BE Share server Scan Profiles Shares H Public Shares Domains Nt Local Drives a oe aE Windows autoexec bat config sys pagetile sys Accounts Basic Permissions ADVENTURE tmichael ADVENTURE Angelo ADYENTUREM artin BUILTIN Administrators NT AUTHORITY SYSTEM BUILTIM Users NT AUTHORITY Authenticated Users ast Grae iene Accounts Advanced Permissions ACET yo Inheritec ADVENTURE michael Allow ADVENTURE Angelo Allow ADVENTURE michael Allow ADVENTURE SMartin Allows BUILTIN Administrators Allow BUILTIN Administrators Allow NT AUTHORITYSS4 S Allow NT AUTHORITY SSS Allow Account ame Permissions Allow Deny Current owner BUILTIN Administrators Allow Inherited pennissions from the parent to propagate to this object Apply onto Apply th C NLAINEI 5 elect A4pplyonto option e permi ito this objects andor w th in tris er only m 418 Chapter 4 NTFS Security Manager How to replace an account with another account in the shared folder file permissions l
369. s and groups from servers or Scan Profile Computers 101 Chapter 3 NTFS Security Auditor he LO WIN12 SM_eb 1a72c4d4c547f8b L_ wiN12 SM_e3e870dfid1c4193b s O WIN12 8M_8626937d 13484d2a8 e L WIN12 5M_Safob83af0e849 1ba 256938738 7bb4d5c8 E WIN12 5M_0799 14d66b0a46e0b MN testuserl ma m o r rrr O mar i J iN ore T or j f ie rr e Tr Fey oo Merr gir m Lh Aa PREC i EN A A I s Im ko EE Haa F ee i if Uye eens s SO See eS See Step 2o0f3 Select User Group Account s Select accounts for which you would like to view the DAC permissions on folders Enter account name ea Add to list accounts tom domaiserver Accounts from Scan Profiles Users Selected Accounts 102 Chapter 3 NTFS Security Auditor Click Next to proceed Step 3 Select Shared Folders Select shared folder s by using any of the input options displayed DAC Reports Effective DAC permissions for specific users and aro Step 3of3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares e Click the option Add From e Select one or more servers to enumerate its shared folders 103 Chapter 3 NTF
370. s as shown below 270 Chapter 3 NTFS Security Auditor You can customize the SMTP Server From and oe address Subject and body of the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 271 Chapter 3 NTFS Security Auditor Step 5 Schedule Settings A Power Export Built in Reports Step 6 of T Schedule Settings Enter a unique task name and specify ts schedule settings Task Name File specific user perm Specify an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 272 Chapter 3 NTFS Security Auditor Step 6 Summary T i Step f of 7 Summary Click Finish to sawe the task details List of permissions C Wsers Public Doc for spedfic users me j Lo oa Ba ie a Security and groups on Click hereto view Click here to view Management Suite files 2014 Export File 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Scheduled Tasks folder 273
371. s feature Note This feature will not break the inheritance from the parent of current object If you still wish to break the inheritance from the parent object you may use the Grant Permissions or Modify Permissions feature to block inheritance Revoke permissions from the selected shares permissions list How to Remove the selected Account with the selected permissions from the shared folder s file s permissions list Revoke the selected permissions from all existing explicit accounts in shares permissions list How to Revoke the exact matching permissions from the existing explicit accounts in the shares permissions list How to Revoke existing explicit accounts only if the selected permissions match exactly with the ACE entries in the shares permissions list Revoke all existing explicit permissions from the shares permissions list How to Revoke the selected permissions from all existing explicit accounts in the share permissions list Revoke the exact matching permissions from the shares permissions list How to Revoke the selected accounts only if the selected permissions match exactly with the ACE entries in the shares permissions list Revoke the selected Accounts and all their permissions from the shares permissions list How to Revoke the selected Accounts with all existing explicit permissions in the shares permissions list Revoke the Orphaned SIDs from the selected shares permissions list How to R
372. s present inside folders Back Next Cancel e Apply upto N level s of sub folder s in the shared folder This option will revoke permissions from sub folders which are upto the specified folder traversal level e Apply only Nth level of sub folder s in the shared folder This option will revoke permissions from sub folders which are in the specified folder level only e Apply folders after N level s of sub folder s in the shared folder This option will revoke permissions from sub folders which are after the nth folder level of the selected folder e Apply only leaf nodes in the shared folder This option will revoke permissions from the last child leaf nodes without affecting the parent folder s permissions Click Next to proceed to the Next step Step 3 Account Selection You may select one of the account selection options below e All existing accounts that have been assigned explicit permission This option will remove all the explicitly assigned accounts It will not affect the accounts which are inherited from the parent of the current object e Selected accounts This option will remove all or specific permissions for the selected accounts 383 Chapter 4 NTFS Security Manager Step 2 of 5 Select user group account s Select the user and or group accounts for which you would like to revoke permissions on selected shared folder s file s gt All existing accounts that have been assigned explicit permi
373. s report allows you to view the folders that have permissions for Everyone group Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of folders that have permissions for Everyone group Step 1of2 Select Report Select a report from the list of Security Vulnerabilities Reports Description This report lists folders that have permissions for the Security Vulnerabilities E List of all explicit permissions for folders E List of folders with broken inheritance and their permissions Everyone group List of permissions for orphaned accounts on folders E E List of permissions for disabled user accounts on folders List of permissions for accounts having destructive access on folders List of folders that have Deny permissions set both Explicit and Inherited E List of user accounts that have indirect access to folders due to nested group membership List of Effective Access for specific user and groups on folders E List of folders that have permissions for Everyone group Step 2 Select shared folders Select one or more servers to retrieve available shares 223 Chapter 3 NTFS Security Auditor Security Vulnera Step2of2 Selects Enter the tull p folder paths fr default proper E ET can Profiles Computers DEB sam m Domain Controlle
374. s to folders due to nested group membership List of Effective Access for specific user and groups on folders E List of folders that have permissions for Everyone group Click Next to proceed to the next step Step 2 Select shared folders Select one or more servers to retrieve available shares 184 Chapter 3 NTFS Security Auditor lessee ao sy Loolls arah See raaa eee Sb eee estes Feooe dic it SECUTITY VUE al FIITIES LIST OT dll EXPIIcil PERPMIESIONS TE Step 2of3 S g Enter the tullp folder paths fry YEW ect Shares and Folders available from computers displayed below G Ep sesssess Scan Profiles Computers Bi sam c tests S i Domain Controllers The application displays all computers that are currently active in your network kA using the browser service If some computers are missing your Browser ndude fles service may not be functioning properly Sternatively you may use the Active a Directory services tor computer enumeration _ Indude Gro 185 Chapter 3 NTFS Security Auditor Security Wr pee eS List 7 all explicit permissions ay poes Step 20f3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Fo
375. s will be exported to a time stam folder in the format ywyyy mme dd hh mm ss under the task name folder Export Export Path C Users Public Documents NTFS Security Manageme E mail To Address Micheal Reseachlab com Additional E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path 260 Chapter 3 NTFS Security Auditor Click Additional E mail Settings button to specify optional e mail settings as shown below You can customize the SMTP Server From and To address Subject and body of the e mail message From Jamie researchlab com To Micheall reseachlab com subject Reports generated by NTFS Security Management 261 Chapter 3 NTFS Security Auditor Step 5 Schedule Settings a Power Export Built in Reports Step 5of6 Schedule Settings Enter a unique task name and specify its schedule settings Task Name Folder permissions Specify an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the
376. scccseecccaescccseuseessenseessuesecseuscessusesssuecesseseessaeseesseeessaneeess 396 How to Grant Permissions Tor Selected SNIreS eiivcccessendcncdavenciensrudavonusweevetaenievcee mecsendouceteossseesatoenieee sacaseeienieweees 402 How to add new accounts to the folder file permissions list cccccccccccccceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeess 412 How to replace an account with another account in the shared folder file permissions list ccccccccceeeeeeees 419 How to remove the selected account from the shared folder file permissions list cccccccccccceceeeeeeeeeeeeeeeeees 426 How to allow inheritance from the parent to current folder file permissions cccccccecceceeeeeeeeeeeeeeeeeeeeeeeees 428 How to block inheritance from the parent to the current folder file permissions ccccccccccceeeeeeeeeeeeeeeeeeeeeees 430 How to modify an account Basic permissions ccccccsssssccecceseeceecceeeecccesaasecceseuseccesaesseceesseaeceessaaseeesseaaeeeessaees 433 How to modify an account Advanced permissions cccccsssssseeccccccseessececccessueesseeccceesaueeseeeceeessaueaeeeeeessauaaseseees 436 CODY PENIMISSIONS ce sectetvaceuuasvacesen A eats acaventeaassuetucusstatenman tues uee seul vadesmas E 439 PIDOUT CO VAP EMITS SION Sa e res N dtc pealaacov scat eo ned Gaede ccna NNA 440 How to Copy Permissions from one share to another Share S sssssccccceccessseccceeeeeeeeseeecceeeseeeeee
377. scescesceccecceccncceccsscnsonss 577 Chapter 1 General Information General Information About NTFS Security Management Suite 2014 System Requirements How to purchase How to activate the software Technical support Chapter 1 General Information About NTFS Security Management Suite 2014 Vyapin NTFS Security Management Suite 2014 is a powerful solution for auditing and managing NTFS security across your entire Windows network The management suite consists of two modules the NTFS Security Auditor module and the NTFS Security Manager module About NTFS Security Auditor Module NTFS Security Auditor Module provides a powerful reporting solution for auditing NTFS security across your entire Windows network NTFS Security Auditor module provides answers to important questions about the security and health of File systems in your servers and workstations e Who has access to what in your Files Folders and Shares Is there any unauthorized access e What type of access has been granted Who can Read Modify and Delete confidential Files and Folders e Do deleted or unknown users have access to files and folders e Who have been given special explicit permissions on folders Do the normal rules such as inheritance of permissions by folders from parent apply or have they been broken or subverted e Who have unauthorized access to confidential files and folders indirectly because of nested group membership e Are peo
378. se Folder Execute File List F Allow No This folder and subfolders Modified Apply To PHOENDadminuser3 Full Control Allow No Thisfolder subfoldersandfiles Modified Permissions RDIONEW TEST FOLDER C NEW TEST FOLDER promontori ee This folder subfolders and files Matched PHOENIX Testgroup__ Read and Execute List Folder Conte Allow No This folder subfoldersandfiles Modified Permissions Promem Alito metete Mov ne This folder subfolders and files Matched BEDT maea eka mote eit raion _tno__nfoe singe nee Modified Apply To Foabisinnme Nosh lwo Th bl nt andie _ Modit Perissi I aa ROLOWEW TEST FOLDERE folder PHOENKtet moan un o Tl andes Mae OEWRTeee Tene Fld Flor Yes dai Modted Poo Ta Poonntatgee falc O Aleu es_ Tsetse dhe neti Pome Allow No This folder subfolders and files Matched 181 Chapter 3 NTFS Security Auditor Security Vulnerabilities How to view Security Vulnerabilities Reports 182 Chapter 3 NTFS Security Auditor How to view Security Vulnerabilities Reports Security Vulnerabilities Reports provides reports that focus solely on reporting the vulnerabilities access permissions assigned to user and groups on shared folder s file s J Security Vulnerabilities Click on button List of Security Vulnerabilities Reports List of all explicit permissions for folders List of folders with broken inheritance and their permissions List of permissions for orphaned accou
379. se for each instance of the application Module Listing i ii gf Authentication Mode C Windows Authentication Cumently logged on user SOL Server Authentication User Name sqllogin3 Password efeeeee Show at startup User Authentication To connect to SQL Server NTFS Security Management Suite 2014 uses the relevant user accounts based on the authentication mode as listed below A Windows Authentication In this method NTFS Security Management Suite 2014 uses the currently logged on user account while running reports 10 Chapter 2 Configuration Settings B SQL Authentication In this method NTFS Security Management Suite 2014 uses the specified SQL user account and password while running reports NTFS Security Management Suite 2014 module stores the SQL user name and password as a user profile in Stored User Names and Passwords applet for its usage Read User Connection Profiles for more details Note NTFS Security Management Suite 2014 expects the user account to have sufficient privileges to create add to and delete database in the SQL server Database creation NTFS Security Management Suite 2014 creates databases in SQL Server based on the following database options whichever is selected as outlined below 1 Use a single central database for all instances of the application O A new database will be created in the SQL server by the name NTFSSecurityManagementSuite2014 Inside t
380. set non inherited folders and files How to Grant permissions on subfolders and files that do not have inherited permissions from its parent object with respect to the above options Remove all the existing explicit accounts and replace with the new accounts How to Remove all existing accounts that have explicitly assigned permissions for shares and replace them with the selected accounts and permissions Replace all explicit permissions existing in descendant with the inherited permissions from the current object How to Remove explicitly defined permissions on all descendant objects and replace them with the inheritable permissions from the shared folder s file s permissions list How to Allow inheritable permissions from the parent object to the current shares It will not affect the already existing explicit permissions How to Copy and Remove the inheritable permissions from the parent object to the current shares Copying the inheritable permissions will add the inherited permissions as explicit permissions in the shares permissions list Removing the inherited permissions will remove all the inherited permissions from the parent to the current object 340 Chapter 4 NTFS Security Manager How to replace existing accounts permissions with the new permissions The Grant Permissions feature allows you to replace the existing accounts permissions If the existing account selected for grant permissions
381. share list from a text file by using the Import button Click Next to proceed to the Next step Step 3 Selection Summary This step displays the summary of data selected to Revoke permissions and you can also view and export the existing permissions before changes are applied by clicking on the Export current permissions button 369 Chapter 4 NTFS Security Manager Revoke Permissions Vizard Step 2 of 3 Selection Summary Shows the details of all inputs provided in the wizard Click Export current permissions button to view and export the existing permissions Selection Summary Selected Revoke Mode Revoke all existing Accounts and their Permissions from the selected shared folder s Tile s Selected shared folder s file s 1 Wo49 adminuser folder 2 Wro4O Ert supp folder 3 Wd49 Shared folder Export curent permissiong o Back Cancel Click Next to proceed to the Next step Step 4 Save as template Enter a name and description to save these settings as a template to reuse later 370 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 3 of 3 Save as Template Optional Enter a name and description to save the input settings as a template You may reuse this template later Template Name Remove all Accounts Template Descriptions Back Finish Close Click Finish to complete the Grant Permissions task After the Revoke permissions action completed the sum
382. shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path Mem al miacimace mbes Include sub folders E Traverse only 1 level s of sub folder in the shared folder F F Apply this setting to all folders in list oO o Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below 86 Chapter 3 NTFS Security Auditor Q Refresh 3 Export P Filter Gy E mail Report Details Report Name List of effective permissions for specific users and groups on files Generated on 09 Jun 2014 03 01 19 PM T a eam ee a neraed amp Effective Permissions Ga encase wel i C a paer PHOENIX Domain Admins group Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File Traverse Folder Execute File Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENIX adminus Explicitly assigned Traverse Folder Execute File PHOENDX Enterprise Admins group PHOENIX Administ Explicitly assigned Traverse Folder Execute File Explicitly assigned Traverse Folder Execute File PHOENIX TestGroup1 group PHOENIX TestGrou Explicitly assigned Traverse Folder Ex
383. sions list f the selected account already exists in the permissions list Add the new pennissions to the account s existing pennissions eG Replace the account s existing penmissions with the new permissions oe E Also apply the above to subfolders and files that do not have inheritance set non nherted folders and files ri Remove all existing accounts and replace with the selected accounts and permissions d E Replace all child object existing permissions with inhentable permissions from this object Ci Back Next Cancel Add the new permissions to the account s existing permissions option will add the selected permissions to the existing permissions list and also it will not affect the existing permissions You may also use the below options to grant permissions and also apply inheritance by Inheritance rule e Remove all existing accounts and replace with the selected accounts and permissions e Replace the account s existing permissions with the new permissions e Replace all child objects existing permissions with the inheritable permissions from this object Inheritance Rule e Allow inherited permissions from this object s parent e Copy inherited permissions e Remove inherited permissions Remove all existing accounts and replace with the selected accounts and permissions This option will remove all existing accounts that have explicitly assigned permissions for the selected shared folder s file s and replace them
384. soft windows ey Stored User Name and Passwords applet OK 4 Specify user name and the corresponding password to connect to the specified domain 17 Chapter 2 Configuration Settings Store the above user credential in Microsoft Windows Stored User Names and Passwords applet NTFS Security Management Suite 2014 allows the user to enter different user credentials to connect to the domain Uncheck the checkbox Log on using current user if you like to connect to the domain using a different user context NTFS Security Management Suite 2014 will store the user credential to connect to domain in the Microsoft Windows Stored User Names and Passwords applet Credential Manager for security reasons The stored user profile is tied to the user context currently logged on user account in which the profile is created 5 Click OK to add the domain to the Domain Credentials list 6 NTFS Security Management Suite 2014 will connect to the domain with the newly provided connection parameters and add it to the list upon successful connection to the domain ja e Emih Add E aay Plies Akl domain from forest nain er a necesunry credentials forthe selected domain H Add A Edit H Delete 4y Connect Add domains from forest Domain Name Forest Name User Name Status Researchlab researchlab local researchlab adminusers Connected 7 Click Cancel to abort the add process of the domain to the Domain Credentials list
385. ssions Click ea Shares Folders and Files 4 Shares and Resources option under Power Export This will bring up the Power Export Wizard Step 1 Report Selection A Power Export Built in Reports Step 1of7 Report Selection Select the desired reportis using the checkboxes given below More than one report may be selected in this category BEd shares and Resources List of Shares List of Shares with permissions Wext gt Close 1 Select the report s using the checkboxes to the left of the reports You may select any number of reports to run in a single task 2 The above reports collect data on a server basis 3 Click Next to proceed to the next step You may Click Back button anytime to come back to a previous step 328 Chapter 4 NTFS Security Manager Step 2 Server Selection Step 2 of6 Server Selection For each of the following reports please select the list of servers for which you would like to generate the report Double click on a Report or click Add Servers The report for each of the selected servers will be exported as a separate file E Eee List of Shares with permissions No Server Selected Add Servers 1 Click Add Servers button to select the servers for which you wish to run the server reports selected in Step 1 This will display a window where you can select the servers you want to add Selecting a domain will add all the servers in that domain to the r
386. ssions O Selected accounts Orphaned SIDs Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups lt No Profile found gt Selected Accounts e Select the accounts for which you wish to revoke permissions e The selected accounts will be added to the wizard as shown below 384 Chapter 4 NTFS Security Manager Step 2 of 5 Select user group account s Select the user and or group accounts for which you would like to revoke permissions on selected shared folder s file s 6 Al existing accounts that have been assigned explicit permissions Account name eva Add to list oe Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile Selected Accounts Account Name Account Type e Use Select a Scan Profile Users Groups option to use the accounts added in the profile 385 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 2 of 5 Select user group account s Select the user and or group accounts for which you would like to revoke permissions on selected shared folder s fle s All existing accounts that have been assigned explicit permissions Selected accounts Orphaned 5IDs Account name Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Frequent Users oe Selected Accounts Account Name Account Type
387. ssions for specific users and groups on files Ea List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders List of effective permissions for users and groups on files 3 List of effective permissions for specific users and groups on folders List of effective permissions for specific users and groups on files Click Next to proceed to the next step Step 2 Select shared folders Select one or more servers to retrieve available shares 54 Chapter 3 NTFS Security Auditor Step 2 of 2 Select serve Guu Enter the tull path of a Shard Seles folder paths from a text file View and select Shares available from computers displayed below properties for scanning each J O Do not display files that ha same permissions as the p Scan Profiles Computers H Sample Scans Indude group members in _ Indude group membership de Add Domains 55 Chapter 3 NTFS Security Auditor Built in Reports List of permissions for files Step 2o0f 2 Select server s for Shared Folders list Enter the full path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning eac
388. ssions for specific users and groups on folders Step 20f 2 Selec folder paths from a view an properties for scann da Add Domains Share Falder UNC Pa Folder Path Wrd12 Test Wd 12 Testfolder Wrd12 Users e Use Select a Profile option to use the shares added in the profile 120 Chapter 3 NTFS Security Auditor DAC Reports Effective DAC permissions for specific users and groups on folders Step 2 of 2 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Folder Path wd12 Test VWRD12 Test folder for NTFSSA Wwd 12 Testfolder Wred12 Users You may also type the UNC path of a folder that is not in the list such as a folder that is not shared and then click Add to add it to the list In addition you may also import a list of UNC paths to shared and non shared folders from a text file by using the Import button NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Folder Options Folder Path Vd 12 Test Indude sub folders Traverse only 1 level s of sub folder in the shared fo
389. ssions from sub folders which are after the nth folder level of the selected folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click Next to proceed to the next step Step 3 Select User Group Accounts This step is optional Use this step to select user and or group accounts for which you like to view the deny permissions for folders files Security Vulnerabilities List of folders that have Deny permissions set both Explicit and Inherited Step 3of3 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the deny access permissions on files folders Account name ay Addto list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile ai a Selected Accounts Account Name Account Type BUILTIN Administrators Local Group BUILTIN Backup Operators Local Group BUILTIN Guests Local Group BUILTIN Print Operators Local Group BUILTIN Replicator Local Group BUILTIN Server Operators Local Group BUILTIN Wsers Local Group Enter User Group name in domain account name format and click Add to List to add the user group to the selected accounts list Use Select a Scan Profile Users Groups option to use the users and groups added in a profile
390. sssesosesosesosesosssosseoosesosesosseosseosssosssossssssesosssosssosseoe 544 How to manage Scan Profiles USers Groups scccsssscsssccsssscccescccesscccsscecesssecesseccesecessececeseceseecucsseceseesucess 549 How to apply Scan Profiles Users Groups in NTFS Security Auditor MOdule scccsscsosssccsessccssscccesseeeeess 551 How to apply Scan Profiles Users Groups in NTFS Security Manager Module cccssscssssscsessccssssecesseceeecs 556 ADOUT S an Profiles Share S eissien a iaaea 559 How to create Scan Profiles SHAares csccscccscsssssccssccscceccesccssceccesccssceccecccssceccecccsscecceccesscecceccessseccescssseccesss 560 How to manage Scan Profiles Shares csccsccssscssccssccesscesccesccesccsccescccsccusccusccesccescceccesccsccsscusscesccesceeccesces 565 How to apply Scan Profiles Shares in NTFS Security Auditor Module cccccsscsscccsccssccnscccsccesscesccesceescesces 567 How to apply Scan Profiles Shares in NTFS Security Manager Module cccssccssecsssecsseccsscccseccsssccssccesccees 572 PR Cee EEN ING Sucre zee waste n E a A 574 Frequently Asked QUESTIONS sessssesecesecsssececececsesececececsssesecececsesesecececsesesececscsesesececeseesesecececeesesesececseseseseceeeese 575 WOUND IE SIO OCIS ecse iana a A wea snes dodsmunaemesnineenianarwunmnecoeses 576 How to uninstall NTFS Security Management Suite 2014 ccsccsccsccsccsccsccnccsccsccscc
391. sting account selected for copy permissions Copy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy permissions from one share to another share s e Instep 4 select the option Replace the account s existing permissions with the new permissions Copy Permissions Wizard Step 4 of amp Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s fle s permission list Assignment Rule Copy the selected permissions to the existing permissions list f the selected account already exists in the pennissions list Add the new permissions to the account s existing permissions ri Replace the account s existing permissions with the new permissions o E Also apply the above to subfolders and files that do not have inheritance set noninherted folders and files oe 6 Remove all existing accounts and replace with the selected accounts and permissions Ci E Replace all child object existing permissions with inheritable permission from this object ri oo C Inheritance Rule Click Next to proceed to the next step Follow the steps 5 through 6 as outlined in How to Copy permissions from one share to another share s 441 Chapter 4 NTFS Security Manager How to copy permissions to the target object s subfolders and files that do not have inherited permissions from its paren
392. t Permissions wizard Y Grant Permissions Click on button in the toolbar The Grant Permissions window will be displayed as shown below Grant Permissions Wizard Step 1 of 6 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Share Folder UNC Path ao Scan Profile Shares Select a Profile Folder Path Add From _Imoort_ Cancel e Select one or more shared folder s files s and click Next to proceed e In Select user group accounts step select a profile from the Scan Profile Users Groups dropdown to use the users groups added in a profile 556 Chapter 6 Scan Profiles Manager Grant Permissions Wizard Step 2 of 6 Select usergroup account s Select the user andor group accounts For which you would like to grant permissions on shared Folder si File sh Enter account name jens Add to list oo Accounts from domainierver Browse and Select Accounts trom Scan Profiles Users sroupss Select a Protile oe Selected Accounts Account Mame Account Type Remove Reset e The list of users and groups present in the selected Scan Profile Users Groups will be loaded to the wizard as shown below 55 7 Chapter 6 Scan Profiles Manager Grant Permissions Wizard Step 2 of 6 Select user group account s Select the user andyor group acc
393. t from the list Change to 2 Administrator Administrator vyapin com z adminuser adminuser vyapin com To get more information about the listed recipients under Change to select the name and then click l Properties 524 Chapter 6 Scan Profiles Manager l Deco D Canavaro First Name Deco Initials Last Name Canavaro Display Name Deco D Canavaro Title Department Company Alias deco Mobile number E mail deco pathfinder local Webpage Cancel If there is no match for the name entered by the user in Active Directory a dialog will appear as shown below amp Check Names NTFS Securty Management Suite 2014 does not recognize x Do you want to Delete this recipient from the list Change to Select Delete option in the above dialog to remove the recipient name from To address text box Click Cancel button to close this dialog and the unresolved recipient s will appear in red color 525 Chapter 6 Scan Profiles Manager Address Book NTFS Security Management Suite provides Address Book feature to search for any mail enabled recipient object say person distribution list contact public folder you want to send a message to Click MEM button and then use the Find Names dialog box to search for the recipient object you want to send a message to Note that you can t use the Find Names dialog box to search for distribution lists in your Contacts folder Select
394. t lists only those computers that are currently active alive on your network You may use the Active Directory Services option if you have a large network and you need a quicker enumeration of computers in your domain However this option requires that the domain controller is contacted and queried Therefore the currently logged on user must have sufficient privileges to connect to a domain controller or you may specify alternate domain credentials for a domain controller see configuring the Domain Credentials section in the wizard NOTE If you use the Browser service ensure that NETBIOS over TCP IP is enabled in both the client and the computers that need to be reported on The Browser service must also be running You can access the Computer Enumeration settings by clicking Configuration gt Configuration Settings in the NTFS Security Management Suite 2014 main application window and selecting Computer Enumeration node as shown below Configuration Settings Select an option for enumerating computers in your domain In order to automatically enumerate computers in your network the application may be configured to use either the Computer Browser Service uses Windows Network APIs or your Active Directory queries your AD for Computer Accounts E 2 9 Use ia eee erie E Toroi tunear jai _ Uses Windows Network API to enumerate computers in a domain This displays all es Fy Domain Credentials the computers that are curren
395. t object The Copy Permissions feature allows to copy permissions to the target object s subfolders and files that do not have inherited permissions from its parent object Copy Permissions Click on button The Copy Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Copy Permissions from one share to another share s e Instep 4 select the option Add the new permissions to the account s existing permissions or Replace the account s existing permissions with the new permissions e Then select the option Also apply the above to subfolders and files that do not have inheritance set non inherited folders and files Copy Permissions Wizard Step 4 of amp Apply Rules Select the rules using which you would like to copy permissions to the selected target shared folder s file s permission list Assignment Rule Copy the selected pemissions ta the existing pennissians list f the selected account already exists in the permissions list Add the new permissions to the account s existing permissions o 6 Replace the account s existing permissions with the new permissions oo Also apply the above to subfolders and files that do not have inheritance set nonnherted folders and files Ci G Remove all existing accounts and replace with the selected accounts and permissions oe oo Export child objects existing pennissions E Inheritance Rule e Click Next to proceed to the n
396. t options displayed 378 Chapter 4 NTFS Security Manager PECE NSS 5 V rare Step 1 of 5 Select shared folder s file s Enter the full path of a shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Shared folder file UNC Path add Scan Profle Shares i Folder Path 4 F Apply to all the sub folders Include files present inside folders e f you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 379 Chapter 4 NTFS Security Manager Revoke Permissions Wizard Step 1 of 5 Select st Enter the full path 3 from a text fle ang View and select Shares and Folders available from computers displayed below the levels for sub f Shared folder file UNC _ WRD10 aDMINs Scan Profile Shi s I WaD10 cs 2 _ WRD10 WETLOGON Folder Path Add From 2 RD10 NEW TEST FOLDER Add From i i VRAD IO WNtfs test folder permissions 0 L RD10 NTFSTESTFOLDER C wrosysvor LJ WRD10 Test folder perm i VAD 10 Test folder permissions The application displays all computers that are currently active in your network using the browser service If some computers are missing your browser service may not be functioning properly Alternatively you may use the Active E Apply to sub folg Directory servic
397. t pane The summary information of the selected task will be displayed in the right pane as shown below LE Scheduled Tasks E Scheduled Tasks Task Mame Schedule Report Type Exported Files l c Sagar RAREN Standard Reports O Buittin Report Ta yr At 12 18 PM every PATHFINDER adminus day starting Server Report Click here to view i 4ize i011 5 Folder Specific L Ot 1 25 PM every D Folder Permissio Builtin Report Task PATHFINDER adminus day starting Built in Report Click here to view re 4 22 2011 ee Folder Specific User oe Nee p P PATHFINCERYadminus day starting Built in Report Click here to view _ 4 22 2011 Ak giaa PM every Effective Folder Folder Permission PATHFINDER adminus day starting Built in Report Click here to view 2 Effective File Per ae Ak par PM every PATHFINCERYadminus day starting Built in Report Click here to wiew 42 re011 Ab 4 40 PM every File Permissions PATHFINDER adminus day starting Built in Report Click here to view 4 22 19011 Ak 4 41 PM every PATHFINDER adminus day starting Built in Report Click here to wiew 4 22 19011 Ot 4 45 PM every Effective Folder Perm PATHFINDER adminus day starting Built in Report Click here to view 4 22 19011 Ak 4 45 PM every Effective File Perm PATHFINDER adminus day starting Built in Report Click here to view 4 22 19011 File Permissions 3 Explicit and Inhet Specific User File 2 Specific User Ef a gt P Perm 1 Specific
398. t ri Inheritance Rule Allow inherited permissions from this object s parent oe Block inherited permissions from this object s parent oO Q e Click Next to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares 345 Chapter 4 NTFS Security Manager How to block inherited permissions from the parent object to the current share The Grant Permissions feature allows an option to Copy the inheritable permissions from the parent object to the current shares This option will add the inherited permissions as explicit permissions in the Shares permissions list You can also remove the inherited permissions from the parent object to the current shares Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e Instep 4 select the option Copy inherited permissions e f you wish to remove the inherited permissions you may use the option Remove inherited permissions to remove all the inherited permissions from the parent object Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected permissions to the existing permissions list f the selected account already exists in the pennissions list A
399. t to proceed to the next step e Follow the steps 5 through 6 as outlined in How to Grant Permissions for selected Shares 344 Chapter 4 NTFS Security Manager How to allow inherited permissions from the parent object to the current share The Grant Permissions feature provides an option to Allow inheritable permissions from the parent object to the current shared folder s file s gt Grant Permissions Click on button The Grant Permissions window will be displayed e Follow the steps 1 through 3 as outlined in How to Grant Permissions for selected Shares e In step 4 select the option Inheritance Rule and then select the option Allow inherited permissions from this object s Parent Grant Permissions Wizard Step 4 of 6 Apply Rules Select the rules using which you would like to add permissions to the selected shared folder s file s permissions list Assignment Rule Add the selected permissions to the existing permissions list ff the selected account already exists in the pennissions list Add the new permissions to the account s existing permissions oe A Replace the account s existing permissions with the new pemissions oe Also apply the above to subfolders and files that do not have inhentance set non nhented folders and files oe Remove all existing accounts and replace with the selected accounts and pemissions oe E Replace all child object existing permissions with inhertable permissions from this objec
400. task completion status 392 Chapter 4 NTFS Security Manager How to reuse the Revoke Permissions template The Saved Templates contains the list of saved templates to Grant and Revoke permissions Saved Templates Click on button The Saved Templates window will be displayed as shown below Saved Permissions Template Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type Z Grant pemmissions task2 for the common share Grant 4 Grant pemissions task 1 for the Admin share folder Grant Ei Revoke pemissions task for the common share Revoke gt Revoke permissions task 1 for Admin share Revoke The saved templates window allows you to perform the following operations e Open an existing Template e Delete a Template e Preview the contents of a Template Open an existing Template 1 To open an existing Revoke permissions select the Revoke permissions template and click Open button in the window The Revoke permissions Dialog will appear on the screen which will allow you to edit the selected template 2 During edit operation you can modify the computer list and permissions entries however you cannot modify the name of the template 393 Chapter 4 NTFS Security Manager Delete a template To delete a Revoke
401. te Export Export Path Wsers Public Documents NTFS Security Manageme Micheal Reseachlab com E mail Settings Compress the attachment Note This evaluation version exports e mails only the first 10 records 1 Change the Export or E mail settings as necessary 2 Use Browse button to change the export path 314 Chapter 4 NTFS Security Manager Click Additional E mail Settings button to specify optional e mail settings as shown below Additional E mail Settings You can customize the SMTP Server From and To address Subject and body of the e mail message RD30 Jamie researchlab com Micheal reseachlab com Reports generated by NTFS Security Management Please find the attached report generated by NTFS Security Management Suite 315 Chapter 4 NTFS Security Manager Step 6 Schedule Settings A Power Export Built in Reports Step 6 of T Schedule Settings Enter a unique task name and specify ts schedule settings Task Name Specific user effective perm Specify an account that has sufficent privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Start time 11 05 Am Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to th
402. ted folder Include only leaf nodes in the shared folder This option will view permissions from the last child leaf nodes without affecting the parent folder s permissions Click OK to proceed Click Finish to generate the selected report Once the data collection process is complete the report would be generated in a report window as shown below Refresh Export E mail AS i Exp Status Success RD10 Ntfs testfo Ntfs test folder permis Folder PHOENIX adminuser4 User Disabled New Text Document txt File PHOENIX adminuser4 PHOENIX test User Disabled Allow RD10 Test folder Test folderpermission Folder PHOENIX adminuser4 PHOENIX test User Disabled Allow Read and Execute Lif This folder subfolders and files ListDomain vbs PHOENIX test User Disabled Allow Read and Execute Li This file only Yes New Text Document b PHOENIX adminuser3 PHOENIX test User Disabled Allow Read and Execute Li This file only i 201 Chapter 3 NTFS Security Auditor List of permissions for accounts having destructive access on folders This report allows you to view users and groups having destructive access permissions Full Control Delete etc on folders J Security Vulnerabilities Click on button Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Security Vulnerabilities List of permissions for accou
403. template and Click View Details to view the Select any template from the list of saved templates to proceed Click Edit to modify the selected contents of selected template Ken Template Name Description Template Type Apple CAF Sample Apply CAF Template Name Apply CAP Sample Selected shared folder s file s 1 rd4ONTFSSA Share Selected central access policy Policy for countries Selected options Apply to all the sub folders Mewes cose 481 Chapter 4 NTFS Security Manager How to Revoke Central Access Policy from the selected Shares The Revoke CAP feature allows you to remove a central access policy from the shared folders and files You will also have the option to revoke a central access policy only if the selected central access policy applied on the selected shared folders and files Click on button in the toolbar The Revoke CAP window will be displayed as shown below Step 1 Select a Revoke CAP option Select any one of the options below e Revoke any applied CAP from selected shares and folders This option will remove a central access policy from the selected shared folder s file s e Revoke a specific CAP from selected shares and folders This option will revoke a central access policy only if the selected central access policy applied on the selected shared folders and files 482 Chapter 4 NTFS Security Manager Revoke Central Access Policy Select any one of the options to
404. tep Step 2 Select shared folders Select one or more servers to retrieve available shares 207 Chapter 3 NTFS Security Auditor eeepc taal Yt yeas a lesa al ipe ee eee a oe he ee ae a SECURITY VUES JITIES EL OC aers Thal have Leny li TE SECT BOTN CONCE and Ir ameg Step 2 0f3 97 Reglar Tt f a l G View S i Domain Controllers E Ro10 apmins E Woes YRD 10 WWETLOGOMN The application displays all computers that are currently active in your network using the browser service lf some computers are missing your browser Service may not be functioning properly Sternatively you may use the Active Directory services for computer enumeration _ Indude Gro 208 Chapter 3 NTFS Security Auditor mT en me go ae Step 20f3 Select Shared Folder s Enter the tull path of a Share or Shared Folder Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file and CSV file Select a folder in the list below and Click Edit Folder Options to modify the default properties for scanning each folder Share Folder UNC Path Scan Profile Shares Select a Profile amp Folder Path Indude sub folders Folder level RD 10 WETLOGON True All YRD 10 WEW TEST FOLDER True Al WRD 10 NEW TEST FOLDER SHARE True All Indude files present inside folders Set sub folder levels Indude Group me
405. ters as shown below Select Shares View and select Shares and Folders available from computers displayed below z de Add Domains ist of UNC folder E Scan Profiles Computers AA ALL WINDOWS 8 MACHINES D e 5a RESEARCHLAB BRI Domain Controllers Gell RD30 _ WRD30 10000 files each 1 MB 10GB LL rozoapmins _ WRD30 Bulk folders L_ WRD30 New folder 5 You can use Enumerate option to scan the entire domain and find all file shares for which the selected accounts have permissions Click Enumerate option The Select Shares dialog will be displayed as shown below 562 Chapter 6 Scan Profiles Manager jal Scan Profiles Shares od Enter the full path of a Share or Shared Folder Glick Add From to load the list of shares Import to import a list of UNC folder paths from a text file EET Share Select a domain and the desired accounts say Everyone in order to filter the list of shares for which the specified user account Everyone has permissions defined Select a domain and the desired accounts say Everyone in order to filter the list of shares for which the specified user account Everyone has access If you want to scan with more accounts click Select more and then select the accounts in Account Selection dialog Once accounts selection is complete click OK in Account Selection dialog 563 Chapter 6 Scan Profiles Ma
406. the e mail messa Subject Reports generated by NTFS Security Management Please find the attached report generated by NTFS Securty Management Suite 325 Chapter 4 NTFS Security Manager Step 6 Schedule Settings a Power Export Built in Reports Step 6 of T Schedule Settings Enter a unique task name and specify its schedule settings Task Name Specific User effective file Spedfy an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser 3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 326 Chapter 4 NTFS Security Manager Step 7 Summary T i Step f of f Summary Click Finish to sawe the task details List of effective C Wsers Public Doc permissions for ey ee ee oe E Security specific users and Click hereto view Click here to view Management Suite groups on files 2014 Export Specfi 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Scheduled Tasks folder 327 Chapter 4 NTFS Security Manager Schedule Shares and Resources Built in Reports Built in Reports cS amp Permi
407. these accounts The search results will contain only ACLs of those folders fles that do not have the selected accounts Account name ea Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile oe Show folders files that do not have these accounts Show folders files only if all the above accounts are not present Use Select a Scan Profile Users Groups option to use the users and groups added in the profile as shown below 155 Chapter 3 NTFS Security Auditor UWE SEAL ri Zi fd SEACH TOF CXCEATIONS LALLI Step 3 of 4 Search for ACLs that do not have the following accounts Select Accounts and search for folders fles not having these accounts The search results will contain only ACLs of those folders fles that do not have the selected accounts Account name ea Add to list Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups oe Show folders files that do not have these accounts phoenix adminuser2 Reset phoenix adminuser3 Show folders files only if all the above accounts are not present Click Next to proceed to the Next step Step 4 Save Search Enter a name and description for search 156 Chapter 3 NTFS Security Auditor les uer kesri Litlipe sere Resgreehk fer Lamm E mA 7 i 1 FOWEr SEarcn Veilzard searcn TOT CXCEPTIONS LALL Step 4 of 4 Save Search Enter a name an
408. tings Task Name Explicit and Inherit perm Specify an account that has suffident privileges to retrieve report information from the selected Domains Servers Run As Phoenix adminuser3 Set Password Schedule Task Daily Every 1 day s Enter a unique name for the task Change the Run as parameter if necessary and set the password for the specified user Change the task schedule settings as required Click Next to proceed to the next and final step PeP 290 Chapter 3 NTFS Security Auditor Step 6 Summary Step 60f6 Summary Click Finish to save the task details Task Name Explicit and Inherit perm C Wsers Public Docume security Management Suite 20144Export Explict List of all permissions for folders Inherited Click here to view amp Explicit 1 This step displays the summary information of the task 2 Click Finish to save the task details 3 The task will be added to Windows Schedule Tasks 291 Chapter 3 NTFS Security Auditor List of effective permission for users and groups on folders This report lists effective permissions for users and groups assigned to set of folders p E Built in Reports Gir eae Shares Folders and Files wf Shares and Resources Select up the Power Export Wizard option under Power Export This will bring Step 1 Report Selection Power Export Built in Reports Step 1of7 Report Selection Select the desired report t
409. tion This option will not report folders with identical permissions as the parent folder Note The Do not display folders that have same permissions as the parent folder option would be enabled by default NTFS Security Manager defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options 499 Chapter 4 NTFS Security Manager Folder Options Folder Path Mea Include sub folders E Traverse only l level s of sub Folder in the share hai F Apply this setting to all folders in list Use Set Search Pattern option to exclude sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share Power Search Step 1 of 4 Select Shared Folder s Files ars maija Folder Search Options scanning each Enter search criteria to exclude subfolders Share Folder UN Apply subfolders that starts with Apply subfolders that ends with Scan Profile 5 Starts with if REM Ends with Folder Path oder ra teat VRD 10 NEW TE VRD 10 WEW TE Do not display files that have the same permissions as the parent folder F Include files present inside folders Click Next to proceed to the next step Step 2 Select Access Control Entry Type and Permissions Select ACE Type and permissions to search in the Access
410. tlined in How to create Scan Profiles 549 Chapter 6 Scan Profiles Manager Edit an existing Scan Profile Users Groups To edit a Scan Profile Users Groups click Edit button in the Scan Profiles Manager The Scan Profile Users Group wizard will appear on the screen which will allow you to edit the selected profile During edit operation you can modify the Users Groups list Delete a Scan Profile Users Groups To delete a Scan Profile Users Groups select the profile you want to delete and then click Delete button The selected Scan Profile Users Groups will be deleted permanently Please note that reports associated with the Scan Profile Users Groups deleted may fail to run when generated Preview the list of users and groups in a Scan Profile Users Groups To preview the list of users and groups in a profile select a profile and then click Preview button Profile Name Siete lees Account Name Account Type ACVENTURE Administrator User 4CVENTURE adminuser User 40VENTURE Hygiene adventure Scholes ADVENTURE VSM 7967 scedes9o462 User The Preview window allows you to view what users and groups will be included in the profile 550 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Users Groups in NTFS Security Auditor Module You can apply Scan Profile Users Groups to permissions reports that involves generating permissions for specific users and groups on share folders This is es
411. tly active in your Network This option may be used if a User Conmection Profle you have a small network for faster enumeration of computers m E mail Settings B ii Database Settings Use Active Directory Services A NTFS Security Manager om Tea Queres your Directory Server to enumerate ts computers This option requires ED NTFS Security Auditor Domain Administrator privilege to connect to your domain controller W Module Listing Show at startup 13 Chapter 2 Configuration Settings Configuring Domain Credentials Manage alternate credentials for Domain Directory Servers The application by default uses the currently logged on user context to enumerate computers and shares and to collect NTFS permissions data If you want to specify alternate Domain Administrator credentials you may use this option Configuring Domain Credentials You can access the Domain Credentials settings by selecting the Domain Credentials option in the Configuration Settings window main Directory Servers The application by default uses the currently logged on user s and shares and to collect NTFS permissions data If you want to specify altemate Fi Add Edit i Delete 4 Connect A Add domains from forest Domain Name Forest Name User Name Status If you have chosen Active Directory Services under the Computer Enumeration settings you can launch the NTFS Security Auditor Domain Credentials window within a report window by d
412. to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options 45 Chapter 3 NTFS Security Auditor Folder Path Ma a miscimae nhs Include sub folders Traverse onyji ES levels of sub folder in the shared folder Apply this setting to all folders in list Click OK to proceed Click Finish to generate the selected report After the data collection process is complete the report would be generated in a report window as shown below Q Refresh Export Ff Filter Sy E mail Report Details Report Name List of permissions for folders Generated on 07 Jun 2014 10 34 45AM Folder Path Sub Folders Owner User Name Members sanga Access Type Inherited Security Apply To RD10 NETLOGON NETLOGON BUILTIN Administre BUILTIN Administr Group PHOENIX Administrator User Allow No Full Control Subfolders andfiles only Traverse Folder amp This folder only PHOENIX Domain Admin group PHOENIX Administ Allow Full Control Subfolders andfiles only Traverse Folder 14 This folder only PHOEN D adminus Allow Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENTX adminus Allow Full Control Subfolders andfiles only Traverse Folder IE This folder only PHOEN X adminus Allow Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENIX adminus Allow Full Con
413. to you through email and paste it in the License Key textbox For help on how to copy the license key click Click here to see how to copy and paste the license key link in the Activate dialog as shown in Image 2 gt Chapter 1 General Information How to copy license key BEGIN LICENSE KEY COPY BELOW THIS LINE 4Select and then Copy the we selected text cigs Saslqyql9gzHG Yngtsb Mn4333 PIB Orebhspaz CA mes G Onwr ls H9H2x GLY FI wep AgMEbs bn Exs Og D 0a Cgty Koy NSt LF OU Yx try sk UUs Re 1 Agbu C ovat piogs HGrbs Gy zk S401 4gx23900 Pto HF Bimet Og Wd Lk Pg ThuSb At Pus204k DI ALE KEgiS Let ES rl Sai Rete RS tminn Meigs RS tg0b AN OOTEO 30F Grd BtQHpti sisket RhyiAb Rvp PAt s Leo Be ve B Tds Gyk RAW Only rsawtgTconto Ej Hbzns O01 Np189AuF Plo2w HVJ eqoomTg 8 G6 Tage SpMEdsCth dn OO Tn THs Ae fo hid HSV CUTY R2 Mt Noky LOSS bk Y2tP C P giy Rmdo i JgvOqwe rsi Sul Loe J5bbGm O02 IP R9 Ly tlah GuslpJdp Kgalf LEIS Pts Ott U 2ebuF edd P B P F Zm dp l Ex 44 igo PhTAw C Opg 01A8P Erit Yudh Ron0dHewMi kmis ENO LICENSE KEY COPY ABOVE THIS LINE Image 2 How to copy license key screen Chapter 1 General Information Technical support NTFS Security Management Suite 2014 Frequently Asked Questions FAQ section is available online at our website http www vyapin com Please direct all technical support questions to support vyapin com Include the following information to expedite a
414. trol Subfolders andfiles only Traverse Folder IE This folder only PHOEND adminus Allow Full Control Subfolders andfiles only Traverse Folder E This folder only PHOENIX Enterprise Adr group PHOENTX Administ Allow Full Control Subfolders andfiles only Traverse Folder Gi This folder only E aeaa 46 Chapter 3 NTFS Security Auditor List of permissions for specific users and groups on files This report allows you to view file permissions for specific users and groups Click on S Shares and Resources button under Built in Reports The Built in Reports window with the list of reports will be displayed as shown below Step 1 Report Selection Select the report to be generated Only one report can be generated at a time Built in Reports List of permissions for specific users and groups on files Step 1of3 Select Report Select a report from the available Builtin Reports Description This repor lists the file permissions assigned to a List of permissions for folders specific usergroup List of permissions for specific users and groups on files Socu a E List of permissions for files List of all permissions for folders Inherited amp Explicit List of effective permissions for users and groups on folders a4 Permissions E List of permissions for specific users and groups on folders List o
415. ull path of a shared Folder ifile Click Add From to load the list of shares Import to import a list of UNC Folder paths From a text File Share Folder UNC Path d Scan Profile Shares test profile Folder Path Add From VAD Address WROD basic per Import GP WARDS Bulk Test Folder WEDS Bulk best Folder 1 PERA MRO EFF supp Folder Remove Merk Cancel You may also type the UNC path of a shared folder that is not in the list and then click Add to add it to the list In addition you may also import a list of UNC paths to shared folder list from a text file by using the Import button Click Next to proceed to the next step 349 Chapter 4 NTFS Security Manager Step 2 Account Selection 1 Select the accounts for which you wish to grant permissions 2 The selected accounts will be added to the wizard as shown below Grant Permissions Wizard Step 2 of 6 Select usergroup account s Select the user andvor group accounts For which you would like to grant permissions on shared Folder si Fileis Account name Ee Add to list oo Accounts from domain server Browse and Select Accounts from Scan Protiles Userssroupss Select a Frofile o Selected Accounts Account Mame Account Type e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile 350 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 2 of 6
416. urent owner BUILTIN Administrators This folder subfolders and file A Apply these permissions to objects and or containers within this container only You may also verify the inheritance from the parent object allowed or blocked to this current object by using the option Allow inherited permissions from the parent to propagate this object If this option is checked then the inheritance from the parent to this current object has been allowed otherwise if unchecked it has been blocked 131 Chapter 3 NTFS Security Auditor How to enumerate shared folders files The Security Viewer feature allows many options to enumerate the shared folders files in the entire network You can also enumerate and view the folders and files in the local file system Security Viewer Click on button The Security Viewer window will be displayed as shown below Here is the list of ways you can enumerate the shared folders files in the network e Local Drives e Domains e Scan Profiles Computers e Scan Profiles Shares Share Folder path H Add Domains Refresh zope Local Drives i Scan Profiles Computers lt No Profile found Configure using Scan Profiles Shares lt No Share Profile found Configure Accounts Advanced Permissions Account Name ACEType Inherited Permissions 132 Chapter 3 NTFS Security Auditor Select Local Drives and follow the steps below e Select and traverse
417. ve the input settings as a template You may reuse this template later How to reuse the Apply CAP template 477 Chapter 4 NTFS Security Manager Apply Central Access Policy Wizard Step 3 of 4 Save as Template Optional Enter a name and description to save the input settings as a template You may reuse this template later Template Marne Apply CAF Sample Back Next Cancel Click Next to proceed to the next step Step 6 Summary This step displays the summary of all the input data along with the selected options 478 Chapter 4 NTFS Security Manager Apply Central Access Policy Wizard Step 4 of 4 Summary Report Shows the details of all the inputs provided in the wizard Selection Summary Shared folder s filefs 1 RDSO NTESSM Test folder 2 WRD40 Test DAC Central Access Policy Name Finance Export Current Central Access Policies ri Back Finish Cancel Click Finish to complete the Apply Central Access Policy wizard Central Access Policy will be applied as specified in the wizard The summary of all the input data would be shown below along with the View change log option to view the task completion status 479 Chapter 4 NTFS Security Manager How to reuse the Apply CAP template The Saved Templates contains the list of saved templates to Apply CAP Revoke CAP Grant Permissions Revoke Permissions and copy Permissions Saved Templates Click on button in the toolbar The Save
418. ved templates to Grant and Revoke Permissions Saved Templates Click on button The Saved Templates window will be displayed as shown below Saved Permissions Template Select any template from the list of saved templates to proceed Click Open to modify the selected template Click Delete to delete any selected template and Click View Details to view the contents of selected template Template Name Description Template Type gt Grant pemissions task1 forthe Admin share folder Z Grant pemissions task forthe common share Grant El Revoke pemissions t for Admin share Revoke El Revoke pemissions t forthe common share Revoke View Details The saved templates window allows you to perform the following operations e Open an existing template e Delete a template e Preview the contents of a template Open an existing Template 1 To open an existing Grant permissions template select the Grant permissions template and click Open button in the window The Grant permissions Dialog will appear on the screen which will allow you to edit the selected template 2 During edit operation you can modify the computer list and permissions entries however you cannot modify the name of the template 358 Chapter 4 NTFS Security Manager Delete a template To delete a Grant permissions template select a Grant permissions template which you want to delete and then click Delete button The selected template will be del
419. w Full Control Unlimited Bulk export for patel F Bulk export for pa Everyone Allow Read Unlimited C Cy Admin Share Unlimited Admin Share Unlimited Everyone Allow Read Unlimited Ff F G E METLOGON CVMINDOWSiS Y S BUILTINVAdminist Allow Full Control Unlimited PATHFINDER Do Allow Full Control Unlimited PATHFINDER Do Allow Full Control Unlimited Allow Read Unlimited RO4S LOG Program FilestEx BUILTINVAdminist Allow Full Control Unlimited z ee wil 528 Chapter 6 Scan Profiles Manager Scan Profiles Manager About Scan Profiles Computers How to create Scan Profiles Computers How to manage Scan Profiles Computers How to apply Scan Profiles Computers in NTFS Security Auditor Module How to apply Scan Profiles Computers in NTFS Security Manager Module About Scan Profiles Users Groups How to create Scan Profiles Users Groups How to manage Scan Profiles Users Groups How to apply Scan Profiles Users Groups in NTFS Security Auditor Module How to apply Scan Profiles in Users Groups in NTFS Security Manager Module About Scan Profiles Shares How to create Scan Profiles Shares How to manage Scan Profiles Shares How to apply Scan Profiles Shares in NTFS Security Auditor Module How to apply Scan Profiles Shares in NTFS Security Manager Module 529 Chapter 6 Scan Profiles Manager About Scan Profiles
420. will revoke central access policy from all files present in the selected folders as specified in this wizard Click Next to proceed to the Next step 487 Chapter 4 NTFS Security Manager Step 3 Select Central Access Policy Revoke Central Access Policy Step 2 of 4 Select Central Access Policy Select a Central Access Policy to revoke From the share si Folder si Click Change to view available Central Access Policies that can be applied to the selected objects Central Access Policy No Central Access Policy Change o The following Central Access Rules apply Applies to Description Fermizzion entiez Type Principal Access Back Next Cancel e Click Change to view available Central Access Policies that can be applied to the selected shared folders files Note You must be a member of the selected shares domain and connected to the shares from a domain authenticated session to view Central Access Policy information 488 Chapter 4 NTFS Security Manager Revoke Central Access Policy Step 2 of 4 Select Central Access Policy Select a Central Access Policy to revoke From the share s Folder si Click Change to view available Central Access Policies that can be applied to the selected objects Central Access Policy oa The following Central Access Rules apply Applies to E Central Access Rules RESOURCE counties _sedd5b4e50245270 India Rule for countries Description Pernmizsion entr
421. wn below e a Step 3 of 4 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders Account name ea Add to list oe Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Select a Profile oe Selected Accounts Reset 165 Chapter 3 NTFS Security Auditor e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile Step 3 of 4 Select User Group Account s Optional This step is optional Use this step to select specific user and or group accounts for which you would like to view the permissions on files folders Account name ela Add to list o Accounts from domain server Browse and Select Accounts from Scan Profiles Users Groups Guest Accounts oe Selected Accounts phoenix adminuser2 phoenix sam phoenix saru phoenix test group e Click Next to proceed to the Next step 166 Chapter 3 NTFS Security Auditor Step 4 Save Search Enter a name and description for search Step 4 of 4 Save Search Enter a name and description for the search Search Name Users who can Modify Search Description Click Finish to generate the power search report 167 Chapter 3 NTFS Security Auditor After the data collection process is complete
422. words applet Credential Manager The stored user profile corresponding to the user account will be used by the application in order to connect to the domain if Use ADSI is selected in NTFS Security Management Suite 2014 Enumeration Settings Using the Connection Profile dialog show below new profile can be created and available profiles can be removed from the profiles list 27 Chapter 3 NTFS Security Auditor da Add Edit X Remove or Ta NTFS Securty Manager i NTFS Security Auditor Create a new user profile and store it in windows stored usernames and passwords applet User Mame Pathfinders choles n e g domainsusename Password mT TrItTit tT Confirm Password EO pesseeee Description mandatory fields 28 Chapter 3 NTFS Security Auditor Click Edit button in the Connection Profile dialog to edit available profiles Click Remove button in the Connection Profile dialog to remove available profiles 29 Chapter 3 NTFS Security Auditor Module Listing This option allows you to view hide the license expired modules in the NTFS Security Management Suite 2014 You can access the Module Listing option by clicking Configuration gt Configuration Settings in the NTFS Security Management Suite 2014 main application window and selecting Module Listing node as shown below Configuration Settings Module Listi 5 Select an option to show modules in the NTFS Secu
423. xecite List Folder C Alow No Ths folderardfles PHOENDOadminuser Ful Convoi Alow No This eider ule and f Modified Permissions PHOENDOadminuser List Folder Rend Datong alow 1o This falder sibfa nd NRDIONEW TEST FOLDERY folder PPOENDOTegaupes Traverse Falder Exae ie Alow ves hi fdr eer ar PHOENDadminsers Full Conni alow Yes This tolder ules ana ti PHOENDsam _ ReadWiteand Execute alow ves Tms folder subfoldersand PHOENDKes Faca O ly NT a mas Modied Permissions be alls Tlie 15 LEl Joone J 3 88o DME d Raamaa 176 Chapter 3 NTFS Security Auditor How to Compare ACLs of a folder with exported ACL data of another folder This option in Compare ACLs features allows you to find out the differences between a past snapshot of ACLs and the current ACLs of a shared folder This option will compare only those sub folders that are available in common by name in the specified shared folder and the shared folder in the exported report Compare ACLs Click on button The Compare ACLs window will be displayed as shown below Step 1 Select an option to compare ACLs Select Compare ACLs of a folder with exported ACL data of another folder option Click Next to proceed to the Next step Compare ACLs Wizard Step 1 of 2 Select an option to compare ACLs Compare ACLs of folders 4 Compare ACLs of a folder with exported ACL data of another folder oe Step 2 Select shared
424. y Manager Copy Permissions Wizard a Step 1 of 6 Select source shared folder file Enter the full path of a source shared folder jfile Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file Share Folder UNC Path scan Protiles Shares test profile Folder Path E Ww 46 copy test vrd Example E wd4 sampletask E wd46 Test Folder You may also type the UNC path of a shared folder that is not in the list and then click Add to add it to the list In addition you may also import a list of UNC paths to shared folder list from a text file by using the Import button Click Next to proceed to the next step Step 2 Select target shared folder s file s Select target shared folder s file s by using any of the input options displayed 449 Chapter 4 NTFS Security Manager Step 2 of 6 Select Target Shared Folder s file s Enter the full path of target shared folder file Click Add From to load the list of shares Import to import a list of UNC folder paths from a text file j Lf p e j J 4 a at ta ht Sean Profiles Shares Select a Profile Falder Path e f you want to select shares from servers for which you wish to add then click Add From option e Select one or more servers to enumerate its shared folder s file s 450 Chapter 4 NTFS Security Manager Copy Permissions Wizard Step 2 of 6 Select T
425. y a computer list by using either the Import option or by selecting computers From the network Or you may select specific versions of Windows Profile Marne Profile Select computers From network Select specific Windows version s Import list of computers From text File Import list of IP addresses From text File Enter Computer Mame Domainiserver Name DISCOVERY SPAS ADVENTUREWRD49 Add ADVENTUREIRDSS S PATHFINDER RD45 Remove Cancel Select Select computers from network option ll You can type in computer name in the format Domain Name Computer Name and then click Add button to manually add it to the list Or you may click Add From button to browse the network and select specific computers 531 Chapter 6 Scan Profiles Manager B Selecting specific Windows versions scan Profile Computers You can specify a computer list by using either the Import option or by selecting computers From the network Or you may select specific versions of Windows Profile Mame Profile Select computers From network Select specific Windows version s Import list of computers From text File Import list of IP addresses From text File Windows Versions V Select specific domains Fal vvindows Server 2008 Fa 20 YENTURE Windows vista F DISCOVERY Wl Windows 2003 Server W PATHFINDER T Windows XP Professional E VSSPRO E Windows 2000 Professional YAS PINLAB F Windows 2000 Se
426. y of last 30 days You can view permissions change history of specific task by selecting task name in the View option Click on button in the toolbar The Central Access Policies Change History window will be displayed as shown below You can view Central Access Policies Change History in one of the following ways Apply CAP History Revoke CAP History Change History i Refresh p Export 5al E mail From FSGS le To amp 12013 El View Show All Show History Generated on 8412013 3 46 03 Phl Status Success Task Mame Date and Time share Path Policy Mame mae Task Status lt Revoke Central Ag 8 1 2013 2 28 57 PI ird i Test Folder Policy For countries Revoke a central ad Task Completed Successfully ef 1f20135 2 25 39 PI dl NTFSSM Tesh Project CAP Revoke a central ac Task Completed Successfully lt Apply Central Acce 6 1 2013 2 18 46 Pl ird l Test Folder 1 NTFS Team Apply to all the sub Task Completed Successfully 612013 2 16 10 PI yrd 1 NTFS5M Test Finance Apply to all the sub Task Completed Successfully Bi 1f20135 12 53 29 f ird40Testing CAP best Task Completed Successfully lt Revoke Central Ad 6 1 2013 11 34 56 ird40 Test NTFS Team Revoke a central ac Task Completed Successfully Select required From and To dates Select Apply CAP in the View option Then click Show History button The Apply CAP history will be displayed as shown below 514 Chapter 6 Scan Profiles Manager i Refresh
427. you to perform the following operations e Create a new Scan Profile Shares e Edit an existing Scan Profile Shares e Delete a Scan Profile Shares e Preview the list of Shares in a Scan Profile Shares Create a new Scan Profile Shares 1 To create a new Scan Profile Shares click New 2 Follow the steps as outlined in How to create Scan Profiles 565 Chapter 6 Scan Profiles Manager Edit an existing Scan Profile Shares 1 To edit a Scan Profile Shares click Edit button in the Scan Profiles Manager The Scan Profile Shares wizard will appear on the screen which will allow you to edit the selected profile 2 During edit operation you can modify the Shares list Delete a Scan Profile Shares To delete a Scan Profile Shares select the profile you want to delete and then click Delete button The selected Scan Profile Shares will be deleted permanently Please note that reports associated with the Scan Profile Shares deleted may fail to run when generated Preview the list of shares in a Scan Profile Shares To preview the list of shares in a profile select a profile and then click Preview button Profile Name eee WED Address WROFSINTES Bulk Share WRD4S NTFS BulkTest Share WRDASINTES Security Manager WRD49 Test share Folder The Preview window allows you to view what shares will be included in the profile 566 Chapter 6 Scan Profiles Manager How to apply Scan Profiles Shares
428. ype Inherited Owner NTFS Security Auditor defaults to scanning all the sub folders under a given shared folder If you want to change the Include sub folders and Folder level options click Edit Folder Options Include sub folders E Traverse only 1 level s of sub folder in the shared folder F Apply this setting to all folders in list Use Set Search Pattern option to exclude sub folders that match certain pre defined conditions like Folder name starts with Folder name ends with Example Folder name starts with test Folder name ends with share 152 Chapter 3 NTFS Security Auditor Power Search Wizard Search for Exceptions DACL Step 1 of 4 Select Shared Folder s Enter the full per eer paths from a te scanning each Enter search criteria to exclude subfolders share Folder UN Apply subfolders that start with Apply subfolders that end with Scan Profile 5 Starts with EMOVE Ends with Folder Path WRDIOWEW TE WRDIOWEW TE share Do not display files that have the same permissions as the parent folder F Include files present inside folders Click Next to proceed to the next step Step 2 Search for ACLs that do not have the following permissions Select ACE Type and permissions Search for folders files that do not have these permissions The search results will contain only those folders files that do not have the selected permissions 153 Chapter 3 NTFS Security Auditor a
429. ype the UNC path of a shared folder that is not in the list and then click Add to add it to the list In addition you may also import a list of UNC paths to shared folder list from a text file by using the Import button Click Next to proceed to the next step Step 2 Account Selection 1 Select the accounts for which you wish to grant permissions 2 The selected accounts will be added to the wizard as shown below 404 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 2 of 6 Select usergroup account s Select the user andvor group accounts For which you would like to grant permissions on shared Folder si File s Account name ea Add to list oo Accounts from domain server Browse and Select Accounts from Scan Profiles Usersisroups Select a Protile o Selected Accounts Account Mame Account Type e Use Select a Scan Profile Users Groups option to use the users and groups added in the profile 405 Chapter 4 NTFS Security Manager Grant Permissions Wizard Step 2 of 6 Select user group account s Select the user andor group accounts For which you would like to grant permissions on shared Folder si File si Account name jens Add to list o Accounts from domain server Browse and Select Accounts from Scan Protiles Userssroups ss Frequent Accounts o Selected Accounts Account Mame Account Type ACVENTURE alec User S0VENTUIRE Angelo User 40VENTURE James User 40VENT
Download Pdf Manuals
Related Search