Previous Next

Introducing Quest Reporter : Reporting Examples : Generating an NTFS Security Report

Generating an NTFS Security Report
Windows NT File System (NTFS) reporting allows you to create reports to address potential security issues. Using the available NTFS security report templates, you can identify user and group access based on the associated Access Control Lists (ACLs). NTFS reporting also allows you to view the permissions assigned to network shares and directories.
You can use NTFS report templates to do the following:
Many organizations have standards for data collection permissions. For example, they may define the specific ACEs (Access Control Entries) that should be contained in the ACLs on shares and folders. Ensuring that these policies are followed helps protect data integrity.
Some organizations (such as financial institutions) have legal obligations concerning data security. They must control and monitor data access. The ability to detect security problems arising from data permissions is paramount. In this situation, NTFS reporting on share and directory permissions is central to daily network administration.
Consolidations and migrations are likely to involve new permissions. This lengthy process requires careful planning to determine the resources to which users have access. NTFS reports expedite this process.
To run an NTFS report template
1.
Expand Reporting | Report Templates | Permissions.
2.
Select NFTS.
3.
4.
Click the Objects tab, then click Add to open the Object Picker dialog box.
5.
Expand Active Directory | Computers
– OR – 
Expand Windows NT | Computers.
6.
– OR – 
a)
Expand the computer you have selected and navigate to the folders, shares, or logical drives that you want to report on.
b)
You can select multiple objects in the upper-right pane to add a group of objects. You also can select a combination of computers, shares, folders, and logical drives.
7.
To include system paths for the selected objects, click Paths and select from the following options:
Subfolder Expression Filter
For example, you can enter ^ followed by the text you want to search on. The carrot symbol (^) is a regular expression that is interpreted as "Only look for object types with names that begin with" followed by the text to search for. For example, if you entered ^msadc, the search would return all objects of the type specified whose names begin with "msadc".
8.
Click OK.
9.
10.
For example, you can enter ^ followed by the text you want to search on. The carrot symbol (^) is a regular expression that is interpreted as "Only look for shares that have names that begin with" followed by the text to search for. For example, if you entered ^sales, the search would return all shares whose name begins with "sales".
11.
Note: This option only becomes available when the "Retrieve Folder ACL" option is selected.
While still in the Object Picker, you can change selected share and folder reporting options for shares you have added. Right-click the share in question, and select Options.
12.
Click OK to return to the Run Report dialog box.
13.
Click the Attributes tab if you want to add, remove, or link the attributes being reported on.
For more information, see Linking Attributes.
14.
Click the Filter tab if you want to filter the data being collected.
For more information, see Applying Filters to Attributes.
15.
Click the Grouping tab if you want to specify a grouping and sorting order for the report.
For more information, see Grouping and Sorting Attributes.
16.
Click the Collection tab to select collection options.
For more information, see Using Different Collection Modes.
17.
Click the Output tab to select output options.
For more information, see Viewing and Saving Reports.
18.
Click OK to generate the report.