Tags: Windows File Server Security, NTFS security management, NTFS permissions tool, NTFS management tool, manage NTFS folder permissions, Grant NTFS Permissions, Revoke NTFS Permissions, Modify NTFS Permissions, Manage Windows file server permissions, manage windows file server ACLs, manage folder permissions, modify folder share permissions, assign role-based permissions to folders and files.
Vyapin’s NTFS Security Manager is a powerful NTFS permissions management tool that offers extensive features to secure File Systems in your servers and workstations.
With Vyapin’s NTFS security Manager you can modify the security permissions of Shares, Folders and Files present in your network without affecting the inheritance from the parent object. Vyapin’s NTFS Security Manager has been architected using the latest Microsoft .NET technology, bringing you the best-in-breed NTFS Management solution for your entire Windows Network. You can create data subsets for your network using powerful scan options and meaningfully segment your entire network for managing permissions.
NTFS Security Manager in a nutshell
Grant permissions to multiple Accounts in one operation for File/Folder/Shares access.
Replace existing permissions with new permissions.
Delete selected Accounts including its permissions from the Files, Folders and Shares permissions list.
Delete permissions from explicitly assigned Account permissions.
Allow or Block inheritance from the parent Share/Folder into the current File/Folder/Share.
View and modify permissions on Shares, Folders and Files for every Account without any impact on the inheritance from its parent object.
Create subsets of Computers/Users & Groups/Shares using the Scan Profiles manager for recursive use in permissions management.
Power Search feature conditionally finds NTFS permissions on Files/Shares using powerful search queries.
Let us do a quick walkthrough of how to grant, revoke and modify permissions for a set of Users / Groups using NTFS Security Manager in version 1.0.
Select the desired shared folder/file by either specifying the UNC path/Scan profile (Shares) name, Add From a list of available computers or import the list of UNC paths from a text file by clicking the relevant tabs.
Figure #1: Choose shared folders/files
Specify the desired account name or choose from the Domain/Server/Scan profiles created already for Users/Groups to grant the required permissions. Here, ‘Frequent Accounts’ scan profile is chosen to grant permissions on shared folders.
Figure #2: Accounts selection (User/Group)
The Grant Permissions Wizard allows you to check multiple Access permissions (Basic & Advanced) and the Access type (Allow/Deny). You can also specify ‘on which’ objects to apply these permissions.
Figure #3: ACE permissions & Type
The next step in the wizard details the permission rules that you can define when granting permissions for certain user accounts. There are two major rules type – Assignment rule & Inheritance rule.
Assignment rule: This rule Adds or Deletes the accounts and their permissions. Choose the ‘Add’ option to add the current permissions with the existing permissions. If there is a redundancy in User accounts, either the permissions can be merged or replaced completely with the current permissions.
Choose the ‘Remove’ option to delete and replace the existing accounts with the current permissions.
Inheritance Rule: You can either ‘Allow’ or ‘Block’ inherited permissions choosing the relevant options. There are additional options to copy or delete the inherited permissions before proceeding with the ‘Block’ option.
Figure #4: Choose Permission Rules
Finally, you can store the wizard settings in a template and reuse them anytime.
Figure #5: Save the Grant Permission task settings as a template
Follow the steps similar to ‘Grant Permissions’ task and check the box at the bottom in the Revoke Permissions wizard to revoke the existing permissions that were granted to User accounts inadvertently.
Figure #6: Revoke permissions
The Modify Permissions feature allows you to view and modify the entire file system permissions. For example, you can use the Add option to add an account with permission Read and Execute. You can use the Remove option to remove an account and its explicit permissions from the share’s permissions list. You can also edit the existing permissions and Allow and Block inheritance from the parent object.
In the figure 7 / screenshot given below, the first column lists the shared folders/files in the network. The next column lists all the accounts that have basic & advanced permissions. The last column lists all advanced permissions for the selected account. Now you can check/uncheck the desired permissions and finally check the box at the bottom to apply these changed permissions. Also, check or uncheck the box at the bottom in the second column to ‘Allow’ or ‘Block’ inherited permissions to this object from its parent.
Figure #7: Modify Advanced Permissions
Using NTFS Security Manager, you can:
Grant permissions in bulk for multiple Accounts to your Files, Folders and Shares.
Replace existing permissions with new permissions.
Remove selected Accounts with all its permissions from the Files, Folders and Shares permissions list.
Remove permissions from explicitly assigned Account permissions.
Allow or Block inheritance from the parent Share, Folder into the current File, Folder and Share.
View and modify Account permissions on Shares, Folders and Files.
NTFS Security Manager supports current versions of Microsoft Windows Server (2000/2003/2008) and localized versions of Windows Server, including German, Spanish and French. For more information about the new NTFS Security Manager v1.0, please visit: