SIEM, Log Management, Security, Compliance, Server Monitoring and Uptime Monitoring Software
Table of Contents

File and Directory Access Permissions Reports

The File and Directory Access Permissions Reports enable you to either manually on-demand scan any disk or directory for assigned permissions and optionally schedule the results to be emailed to you or output to a file, for example, a CSV file.

Requirements

Operating SystemTechnology
WindowsRemote WMI and Windows Shares
LinuxSFTP/SSH or FTP/S

How to create a File and Directory Access Permissions Report:

  • From the Menu Bar select File | New. The Create New Object View displays.
  • From the Create New Object View, expand Report | File and Permissions Reports then select File and Directory Access Permissions. The Properties View displays.
Note
Unlicensed report types appear in gray text. If you would like to create a report that is not currently licensed, please contact Corner Bowl Software to upgrade your license.

How to configure the File and Directory Access Permissions

  • Use the Files and Sub-Directories section to:
OptionDescription
Include filesScan and list each file in the report.
Detail sub-directories and filesScan and list each sub-directory in the report.
Hide BUILTIN users and groupsHide the BUILTIN account from the report.
  • Use the Access Permissions section to configure the permissions to report. The following permissions are supported:
OptionHex ValueDescription
None0x00000000No permissions assigned.
Read0x00000001Permission to read the data of a file.
Write0x00000002 Permission to modify a file's data anywhere in the file's offset range. This includes the ability to write to any arbitrary offset and as a result to grow the file.
Append0x00000004The ability to modify a file's data, but only starting at EOF.
ReadEA0x00000008Permission to read the named attributes of a file or to lookup the named attributes directory.
WriteEA0x00000010Permission to write the named attributes of a file or to create a named attribute directory.
Execute0x00000020Permission to execute a file or traverse/search a directory.
DeleteChild0x00000040Permission to delete a file or directory within a directory.
ReadAttributes0x00000080The ability to read basic attributes (non-ACLs) of a file.
WriteAttributes0x00000100Permission to change the times associated with a file or directory to an arbitrary value.
Delete0x00010000The right to delete the object.
ReadControl0x00020000The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL).
WriteDAC0x00040000The right to modify the discretionary access control list (DACL) in the object's security descriptor.
WriteOwner0x00080000The right to change the owner in the object's security descriptor.
Synchronize0x00100000The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.
SystemSecurity0x01000000Specifies access to the system security portion of the security descriptor.
MaximumAllowed0x02000000Indicates that the caller is requesting the most access possible to the object.
GenericAll0x10000000All possible access rights
GenericExecute0x20000000Execute access
GenericWrite0x40000000Write access
GenericRead0x80000000Read access
File and Directory Permissions Report Properties View
File and Directory Permissions Report Properties View

Related Topics

File and Permissions Reports

Reports