Video Demo- Effective permission Report
Effective Permission Report - JiJi AuditReporter
Effective Permissions report in JiJi AuditReporter generates the resultant access
for a list of user(s) on a given set of share(s) by considering the following security
- Share permissions
- File permissions
- Central Access Policies (Windows Server 2012)
- Conditional permission entries (Windows Server 2012)
Effective Permissions Report – Key features
- Effective permission for set of users on set of shares is calculated simultaneously.
- The report can be toggled between Advanced and Basic Permission View.
- Ability to filter by user, share path, permissions and access limited by.
- Report can be categorized based on user, share paths, permissions etc.,
- The report can be exported to PDF/HTML/Excel.
Claims in effective access evaluation
In Windows Server 2012, Dynamic Access Control enables information governance by
introducing new capabilities for centrally controlling access and auditing access
to information in files. Dynamic Access Control(DAC) and Central Access Policies(CAP)
use Active directory attributes as claims to provide versatile access and auditing.
JiJi AuditReporter can evaluate claims defined in DAC/ CAP along with existing security/
share permissions to generate the resultant access permissions report.
JiJi Audit Reporter - Screens
The below screen shot shows how you can simultaneously generate the effective permission
for a set of users on a set of shares.
You can specify the traversal levels for the subfolders and you can also include
files in the specified folders. Please look at the below snip
Effective Permission Report
The screen shows the generated effective permission report.
The generated report contains the following columns.
- User name
- Share path
- Effective Access
- Access Limited By
The Access Limited By column indicates whether the access is limited by “Share Permission”,
“File Permission” or any Central Access Policy. The Access Limited By column indicates
the point of access control that Windows perceives is responsible for limiting access
to files or folders.
You can group the generated report by any of the columns as shown below (Grouped
by share path and user name).
Advanced Permission View Vs Basic Permission View
By default the report is shown in advanced view and can be toggled to basic view.
The report in basic view is shown below
Filter as in Microsoft Excel
We can filter the report based on multiple columns as in Microsoft Excel.