Software for defining rules for folder permissions and monitoring deviations

Posted by Kjensen on Server Fault See other posts from Server Fault or by Kjensen
Published on 2012-09-27T08:50:27Z Indexed on 2012/09/27 9:39 UTC
Read the original article Hit count: 216

Let's say a company has a large number of users, and each user has a home area.

On each share used for home area folders, I would like to define some rules saying who is supposed to have which permissions on the folder.

Then I would like to audit automatically, that this is actually the case and get some sort of report on deviations.

So a rule for \MegaServer\Home01 could be defined something like:

  • Domain Admins - Full Control
  • Backup Agent - Read
  • [Home folder owner] - Full Control

I am talking about Windows platform and Windows servers, although I think it would most likely also work for *nix machines that expose Windows shares.

Does software like this exist?

I could roll my own basic version, but if something already exists, that is usually a better option.

I am aware of tools to make displaying permissions easier (AccessEnum, DumpSec), but that is not what I am looking for.

© Server Fault or respective owner

Related posts about file-permissions

Related posts about security-audit