Understanding and managing NTFS permissions is an essential part of any system administrator to protect sensitive data on the Windows system.
NTFS Permissions reporting is an easier way for system administrators and IT personnel to audit the user-level access on files and folders.
Managing NTFS permissions a difficult and time-intensive task since it requires constant monitoring of the NTFS permissions to avoid unauthorized access.
Here is our list of the best NTFS Permissions Reporting tools:
- ManageEngine ADAudit Plus – EDITOR’S CHOICE A package of security tools that are based on Active Directory protection and look for account and permissions manipulation by intruders and suspicious behavior by insiders or captured accounts. Available for Windows Server, AWS, and Azure. Get a 30-day free trial.
- SolarWinds Access Rights Manager – FREE TRIAL This frontend for Active Directory is also able to analyze and report on a range of system access privileges, including file system permissions. Runs on Windows Server. Start a 30-day free trial.
- SolarWinds Security Event Manager – FREE TRIAL This is a SIEM tool that examines unauthorized access to system resources. Runs on Windows Server. Access a 30-day free trial.
- ManageEngine ADManager Plus – FREE TRIAL This interface for Active Directory includes a reporting tool that can explain all file and directory permissions. Offered for Windows Server, Azure, and AWS. Start a 30-day free trial.
- Netwrix Effective Permissions Reporting Tool This free analyzer report for Active Directory summarizes access rights for systems that include the file server. Available for Windows and Windows Server.
- CJWDEV NTFS Permissions Reporter This easy-to-use tool adds an entry into the context menu in File Explorer and is offered in free and paid versions. Runs on Windows and Windows Server.
There are many free and paid NTFS permissions reporter tools available that help you to manage permissions and prepare easy-to-read reports listing the permissions granted to a user or a group of users.
These tools work by scanning an entire directory structure and then generate a report with effective rights of a specified user to each file.
In this tutorial, we will review some of the best free and paid NTFS permission reporting tools and software on the market!
The Best Free NTFS Permissions Reporting Tools
In this section, we’ll go over some most popular free reporting tools as well as some great paid solutions that offer free trials for testing purposes.
The paid or commercial tools have more functionality, enterprise-level capabilities, and better UI.
Let’s jump right in and get started!
1. ManageEngine ADAudit Plus – FREE TRIAL
ManageEngine ADAudit Plus produces system usage and change activity in terms of the accounts held in Active Directory. The service offers a number of file server auditing reports, most of which detail changes that have occurred to file and folder access permissions.
The tool specifically focuses on the permissions structure of objects in Windows Server. However, you can get the software for ADAudit Plus for installation on a cloud platform from AWS Marketplace and Azure Marketplace.
The system offers a long list of auditing reports, not just those that focus on file system permissions. You can also get Active directory object structure assessments and user activity tracking with ADAudit Plus.
There is a Free version of ADAudit Plus and also two paid versions. You can get a 30-day free trial of the top plan. If you don’t buy at the end of the trial period, your installation switches over to the Free edition, which is limited to auditioning data for 25 workstations.
There is one download package for all versions and you get it on a 30-day free trial.
Once you have the software installed, open ADAudit Plus and click on the File Audit tab as shown below.
EDITOR'S CHOICE
ManageEngine ADAudit Plus is our top pick for an NTFS permissions reporting tool because it protects user accounts and resource permissions in Active Directory, which also applies to Azure AD. This system records all changes to records in AD, recording before values and the user account that made the change. The system will also raise an alert for each change, which enables the system manager to identify a compromised administrator account. All changes can be reversed once that renegade account has been shut down. Other features include login event examination that looks for infeasible activity, such as logging in from a different country or repeated failed login attempts. The service also watches user behavior and records regular behavior for each account. It will alert if patterns of activity change. This is a mechanism to spot insider threats and account takeovers.
Download: Get a 30-day free trial
Official Site: https://www.manageengine.com/products/active-directory-audit/download.html
OS: Windows Server, AWS, and Azure
2. SolarWinds Access Rights Manager – FREE TRIAL
SolarWinds Access Rights Manager is one of the best tool specially designed at making user provisioning and unprovisioning, tracking, and monitoring easy.
One of the best features of this tool is its user management dashboard that allows you to create, modify, delete, activate and deactivate user accesses to different files and folders.
You can create reports with detail information for auditing purposes with just a few clicks.
This tool will help you to prevent unauthorized changes to confidential data and files.
You can download this tool on a 30-day free trial. After downloading and installing the Access Rights Manager, click on the Access Rights Manager from the start menu.
3. SolarWinds Security Event Manager – FREE TRIAL
SolarWinds Security Event Manager is another best administration tool that can be used to increase efficiencies in administering, managing, and monitoring security policies and safeguards on your network.
It helps you to provides advanced searching features and takes automatic action against threats in real-time. This tool is capable of receiving and processing the tens of thousands of event log messages generated by network devices and servers.
You can filter log, keyword search, and exporting of log data using the Events page.
This tool works by matching patterns and detects suspicious patterns in the logs automatically.
You can download this tool on a 30-day free trial. After downloading and installing the Security Event Manager, click on the Security Event Manager from the start menu. You should see the following page that will help you get started immediately!
4. ManageEngine ADManager Plus – FREE TRIAL
The ManageEngine ADManager Plus is a simple and well-known Active Directory monitoring and reporting tool that helps you to view and analyze file-level security settings in their environments.
This tool will generate and exports reports of all NTFS folders as well as files and their properties in a readable format. is a web-based solution for Active Directory that allows you to generate reports and manage the Active Directory through a web browser.
With this tool, you can also perform some other routine tasks including, provisioning users, cleaning up dormant accounts, managing NTFS and share permissions, backup and recovery of objects and much more.
After downloading and installing the ManageEngine ADManager Plus, click on the Start ADManager Plus from the start menu, this will open the ADManager Plus in your default web browser as shown below:
Provide the default username and the password as admin / admin and click on the Login button. You will be redirected to the ADManager Plus dashboard in the following screen:
You can download a 30-day free trial.
5. Netwrix NTFS Permissions Reporter
Netwrix is a free and powerful NTFS permissions reporting tool that can be used to generate reports on a user-by-user basis. This tool will scan users with different levels of access permissions in File, Folder and active directory domain then generate a report in an HTML file. It will help you ensure that employees’ permissions align with their roles in the organization.
You can download this tool from their website.
You can use it by following the below steps:
1. Open the Netwrix tool as shown below:
2. Click on the Add button, you will be asked to specify network resources you want to check as shown below:
3. Select Active Directory and click on the Ok button. You should see the following screen:
4. Click on the Start Scanning button. Once the scan is completed, you should see the following screen:
5. Provide name and path of the generated report file and click on the Open button to open the generated HTML file as shown below:
6. CJWDEV NTFS Permissions Reporter
Cjwdev is a powerful and user friendly tool for viewing NTFS permissions throughout the entire directory tree. With this tool, you can see which users and groups have access to which files directories. This tool will help you to export files and folder permissions in a readable format. It comes with a rich set of features including, Fast, Accessible, Accurate, Exportable and Multi-Domain Friendly.
You can download this tool from here.
After installing this tool, you can use it by following the below steps:
1. Right click on any folder and click on the Report Permissions option. You will be redirected to the Cjwdev tools main page as shown below:
2. Click on the New Report Settings and select any directory you want to report permissions for and click on the Run Report button as shown below:
3. Once the process is completed, you should see the following page:
4. Click on the Export Report => Export button. You should see the following page:
5. Provide the name and path of the generated report file and click on the Save button.
6. Now, you can click on the generated file to see the report as shown below:
Conclusion
As you have seen, all the tools listed above are very good NTFS permissions reporting tool that helps you to identify the level of access privileges accorded to different users. With these tools, you can ease your administrative burden for day-to-day tasks.