How to Track Permissions Applied on Files and Folders in Windows File Server

Download Lepide File Server Auditor
Or Deploy With Our Virtual Appliance
In This Article

Users with unrestricted access permissions to files and folders are the ultimate target for cyber-criminals. If such accounts are compromised, then the attacker effectively holds the keys to your kingdom. Continuous tracking of who has access to what on the File server is a vital part of ensuring that your permissions don’t sprawl out of control. In this article, we will go through the manual ways in which changes made to files and folders can be identified. We will also show you how Lepide File Server Auditor (part of Lepide Data Security Platform) handles this task.

Steps to Track Permissions Applied on Files and Folders

Keeping sensitive data under close surveillance helps keep your network infrastructure in a constant state of security. To do this, event-by-event analysis is crucial.

Let’s have a look at the steps you need to take to check who has access to what on the files or folders in your File server:

  • Step 1 – Locate the document for which you want to view the permissions.
  • Step 2 – Right-click the folder or file and click “Properties” in the context menu.
  • Step 3 – Switch to “Security” tab and click “Advanced”.
  • Step 4 – In the “Permissions” tab, you can see the permissions held by users over a particular file or folder.
    Figure 1: Permissions of users on a folder
  • Step 5 – Click “Effective Access” tab.
  • Step 6 – Click “Select a user” to add the user or group whose effective permissions you want to view. A list of all the effective permissions held by the user will be displayed on the bottom panel of the “Advanced Security Settings” window.
    Figure 2: Effective Permissions of users on a folder
  • Step 7 – To view the share permissions set on a shared file or folder, switch to “Share” tab. You can see a list of permission entries.
    Figure 3: Share permissions applied on a shared folder

How Lepide File Server Auditor Analyze Current Effective Permissions of Users have on files and folders

With a comprehensive auditing solution like Lepide File Server Auditor (part of Lepide Data Security Platform) in place, you can easily analyze current effective permissions held by users on files and folders, as well as modifications made to permissions.

The following screenshots show our “Current permissions” reports, which let you analyze the current permissions set on shared files and folders:

Permissions by users
Figure 4: Current permissions report

Our solution allows you to view permissions assigned to everyone, filter and sort the reports, identify stale objects and also indicates if the permission inheritance is broken at that level.

The following screenshot shows the user permissions on “test123” folder:

Figure 5: Permissions by users report

Effective permissions on an object are calculated after carefully analyzing and comparing both the NTFS and share permissions applied on it. The screenshot given below allows you to analyze the permission flow for an object:

Figure 6: Graphical view of Effective Permissions

All the 13 default permissions are represented using different colors and icons in our reports.

The following screenshot displays the effective permissions held by the members of a Group.

Figure 7: Effective permissions held by Group members

In addition to the reports shown here, Lepide File Server Auditor generates reports for inherited permissions, direct permissions and indirect permissions. You can also keep track of all changes in the permissions of files and folders and roll back any applied permission.

Reverse Permissions
Figure 8: Reverse Permissions

Download Lepide File Server Auditor

Or Deploy With Our Virtual Appliance