Software for defining rules for folder permissions and monitoring deviations
Posted
by
Kjensen
on Server Fault
See other posts from Server Fault
or by Kjensen
Published on 2012-09-27T08:50:27Z
Indexed on
2012/09/27
9:39 UTC
Read the original article
Hit count: 216
file-permissions
|security-audit
Let's say a company has a large number of users, and each user has a home area.
On each share used for home area folders, I would like to define some rules saying who is supposed to have which permissions on the folder.
Then I would like to audit automatically, that this is actually the case and get some sort of report on deviations.
So a rule for \MegaServer\Home01 could be defined something like:
- Domain Admins - Full Control
- Backup Agent - Read
- [Home folder owner] - Full Control
I am talking about Windows platform and Windows servers, although I think it would most likely also work for *nix machines that expose Windows shares.
Does software like this exist?
I could roll my own basic version, but if something already exists, that is usually a better option.
I am aware of tools to make displaying permissions easier (AccessEnum, DumpSec), but that is not what I am looking for.
© Server Fault or respective owner