Vyapin Blogs

Background

NTFS permissions play a vital role in securing Operating system objects (Folders, Files, and Services etc). NTFS permissions works on the basis of what is called an Access Control Model. The Access Control Model contains of the following:

• Access token
• Security Descriptors

Access token: Contains information about the logged on user and their privileges.

Security descriptors: Every object in a system has a set of regulatory information attached to it, which controls information about gaining access to the object and its attributes. These sets of regulatory information are termed as Security Descriptors. Security descriptors are created along with creation of an object and act as the backbone of the NTFS security.

A Security Descriptor consists of the following components:

• Security identifier (SID) – a unique identifier (a unique value) that identifies whether the entry is a User or Group.

• Discretionary Access Control List (DACL) - contains the Users and Groups and Permissions (Allow or Deny) on the object. Each entry in DACL is called an Access Control Entry (ACE).

• SACL (System Access Control List) - contains the auditing details of attempts made to access the object.

Let us review the above concepts with a simple example. Imagine a “Folder” as a physical File folder cabinet with an electronic lock. The various electronic lock codes for accessing the file cabinet are Permissions, which control who gains access to the file cabinet and what they can do inside the file cabinet. Such information is maintained in DACL as ACE entries. You can also put an additional Security near the File cabinet, to maintain an information log (audit) about who are accessing the file cabinet (SACL). SID is like an electronic key code that unlocks the file cabinet.

NTFS working

Whenever a user logs into the system, the system creates a unique Access Token for the user. The Access token contains the information about the Security Identifier (SID) and the permissions held by the user. Whenever the user tries to access any object, a copy of the Access token is given to the thread executing the process. The object for which the user is requesting access contains the Security Descriptor. The object, on receiving request, compares User SID with the entries present in the Security Descriptors DACL entries. If a match is found while comparing items, applicable permissions are given to the user.

Let us review the working of NTFS permissions with a simple example.

Consider a user named Tom requesting Access to object as logon user.

On receiving the Access request, DACL checks the ACE entry for “Tom”. In this scenario Tom is given the permissions to “Read, Write, Delete” on the object.

Note: This Scenario is also applicable for users accessing “Shared Folders” across File Servers.

Types

Permissions are of two types

• Explicit permissions
• Inherited permissions

Explicit permissions: Permissions that are listed in ACL directly.

Inherited Permissions: Permissions that are granted by means of group membership; the user may not be listed in the ACL directly, as we know that ACL contains permissions for users and groups, but via group membership, users may be getting some permissions. For example consider an object with the following ACE entries

Note: User Gary is a member of Technical Leaders group.

For the above scenario, user Gary is getting the permission “Take Ownership” because of his membership in Technical Leaders, in addition to his existing permissions. These extra permissions are termed as Inherited Permissions. So while accessing the object, the resultant permissions that are applicable are:

Effective Permissions

Effective permissions are the resultant permissions a User or a Group has towards an object. Effective permissions are the combination of Explicit and Inherited Permission entries and the restrictive permissions apply while accessing object. The following shows the essential factors that need to be addressed while considering effective permissions:

Factors:

• Well known SID
• Local group membership
• Global group membership

Effective permission calculation involves both direct and indirect group membership. The user may be direct member of the group or may become an indirect member of the group by-means of nested groups. For example consider the following scenario

Even though User Gary is not a direct member of the Team Leaders group, by means of nested group Team Leader -> Team Auditing, Gary is somewhat of an “indirect” member of Team Leaders. That is, the permissions of Team Leaders are also applicable for user Gary along with the other permissions.

If the user is a member of more than one group, effective permissions are calculated by taking all the groups’ membership into account and the approximating them.

Effective permissions for groups do not involve group membership. It shows only the explicitly assigned permissions in the ACL.

How Admin Report Kit For Windows Enterprise (ARKWE) address effective permissions reporting?

ARKWE has the provision to report about Share folders and Files NTFS permissions in all dimensions.
It has the ability to report the permissions information about the Users and groups that may or may not present in the Share Folders across File servers and domains.

It has provision to Export/Print reports in various formats (HTML/CSV/MDB/PDF/TIFF/XLS) and also to schedule reports at required Time intervals without any user interaction.

ARKWE addresses the effective permissions reporting pain, by taking all the necessary factors such as Group membership, Well Known Sid etc into account. The following summarizes the advantages of ARKWE over the Windows Effective Permissions Tool.

The primary objective of having individual user accounts and computers clubbed as ‘Groups’ in Active Directory registry is to simplify the administration overhead involved in managing numerous Active Directory objects. With Groups, it is easy for the IT administrators to define policies for similar objects and manage them under a common schema. However, monitoring the increased number of groups and their members could be really challenging for the administrators. Taking stock of groups and its corresponding members along with their rights and permissions within the domain could be manually tiresome. Prevalent security vulnerabilities and increased compliance requirements warrant constant ’sanity’ checks and a reliable third party reporting solution would be the need of the hour to draw insights on the Active Directory groups.

Admin Report Kit for Active Directory (ARKAD) with its out-of-the-box Groups’ reports allows administrators to monitor the Active Directory groups effectively and ensure strict adherence to compliance requisites.

‘Built-In’ Groups report: The following Built-In reports allow users to readily generate information on frequently accessed information about Active Directory Groups:

• Recently Created/Modified/Deleted groups:
  

Recently created/modified/deleted groups’ reports provide information on the groups created, modified and deleted within the specified time corresponding to the domain.

• Groups that have no members:
  

Groups that have no members report gives information on the groups within a domain that are empty with no members.

• Groups that have more than N members:
  

Groups that have more than N members report lists groups within a domain with more than the specified number of members in them.

• Groups that have less than N members:
  

This report lists the groups with less than the specified number of members in them within a domain.

• Groups that are not a member of any other group:
  

This report displays the list of groups that are not members of other groups within the domain.

• Groups that are member of more than N groups:
  

This report gives information on groups that share membership with more than the specified number of groups within a domain.

• Universal Groups:
  

This reports the list of Universal Groups corresponding to the domain.

• Global Groups:
  

This reports the list of Global Groups within a domain.

• Domain Local Groups:
  

This report lists the Domain Local Groups corresponding to the domain.

• Distribution Groups:
  

Distribution Groups report lists the Distribution Groups i.e. groups used for non-security purposes as in mailing list within a domain.

• Security Groups:
  

Security Groups report lists the Security Groups i.e. groups which have domain specific users as its members within a domain.

• List of groups in an OU:
  

This report lists the groups within a specified Organization Unit corresponding to a domain.

• Groups with only User accounts:
  

This report lists the groups with only individual user accounts as their members within a domain.

• Groups with only Computer accounts:
  

This report lists the groups with only Computer accounts as their members within a domain.

Quick reports: Quick reports are a bunch of pre defined reports that allow administrators to retrieve frequently accessed information corresponding to each AD objects. The following are some of the significant Quick reports on Group accounts:

• Groups that are member of another group:
  

This report lists the groups which share membership with other groups.

• Members of Administrators group:
  

This report lists the members of the Administrators group corresponding to a domain.

• Member of Domain Admins group:
  

This report lists the members of Domain Admins group corresponding to the domain.

• Members of Enterprise Admins group:
  

This report lists the members of Enterprise Admins group corresponding to the domain.

• List of Managed Groups:
  

List of Managed Groups report lists the details of groups having managers.

• List of Unmanaged Groups:
  

List of Unmanaged Groups report gives information on the groups without managers.

• Groups that are not a member of any other Group:
  

Groups that are not a member of any other Group reports details of groups that does not share a membership with any other group within the domain.

• Nested Groups that form a loop:
  

This report displays information about Nested groups corresponding to a domain that end up forming a loop.

• Nested Groups:
  

Nested Groups report lists information about Nested Groups within a domain.

Insight Reports->Groups: The Insight report is a powerful feature to report summarized and detailed information about the AD objects. These reports are based on numbers i.e. frequency of occurrence corresponding to objects’ attributes. Insight reports also can be customized by specifying values against certain parameters for each report to generate a custom view of the report. The reports enable administrators to gain meaningful insights on Active Directory infrastructure.

Consider a situation where the administrators wishes to take stock of the entire domain and list groups which have less than the specified number of members. Enumerating the groups and monitoring their membership details manually would prove a daunting task for the administrators. Let’s see how ARKAD reports the details of groups with lesser members.

Screenshot of Built-in reports-Report Selection:

The above screenshot shows the report, “Groups that have less than N members” being selected from the list of Built-in reports.(Built-In reports–>Built-In Object reports–>Groups–>Groups that have less than N members).

Screenshot of specifying report parameters:

The value corresponding to the report parameters is specified. Group with less than five members would be reported.

Screenshot of Field selection:

The above screenshot shows the list of Available Fields and the Selected Fields corresponding to the report. The fields that are to be reported can be customized to generate meaningful information across the desired fields. The arrangement of the fields within the report can also be customized to make it easy for the administrators to access critical information.

Screenshot of Domain Controller Selection:

The above screenshot allows the user to specify the ‘Domain Controller Name’ corresponding to which the details of groups are to be listed.

Screenshot of Groups that have less than N members:

The above screenshot shows the list of groups within the domain having less than 5 members. The report can also be customized through the Quick Filter and Advanced Filter options wherein logical conditions can be applied to the reported information to give a custom view.

Admin Report Kit for Active Directory (ARKAD) with its cutting edge Group reports allows administrators to monitor and manage Groups better in an Active Directory topology and makes management reporting easy.

For a 15 day free trial, visit our product home page at http://www.vyapin.com/products/active-directory-audit/active-directory-reports.htm .

Managing an increasingly scalable Active Directory registry and monitoring the numerous user accounts and their attributes is almost a nightmare to the IT administrators. With Active Directory being the central repository of information without any native tools for advanced reporting , it is almost impossible for administrators to retrieve information about individual user accounts within a domain. Frequent monitoring of the network infrastructure is also a must, given the organizations’ chances of loosing track of obsolete user accounts thereby leading to security and policy violations. Not to forget the increasing compliance requirements that an organization faces in today’s context.

Admin Report Kit for Active Directory (ARKAD) was engineered to address these hardships of the IT administrators. With its incisive ‘Users ‘reports, ARKAD makes it easy for the administrators to take stock of the entire Windows network and monitor the associated users efficiently and meet the necessary compliance requirements.

‘Built-In’ Users reports:

ARKAD contains the following ‘Built-In’ reports which enable the administrators to readily generate frequently accessed information about individual user accounts,

Recently created/modified/deleted users reports provide information on the user accounts created, modified and deleted over a specific period of time.

This report enumerates the list of user accounts corresponding to the domain that are to change their passwords at next logon.

Users who cannot change their password report displays the list of user accounts who do not have the privilege to change their account password.

Users whose password never expires report gives information on the user accounts whose password does not expire.

This report displays the user accounts corresponding to a domain whose password expires within the given period of time.

List of Users in an OU report enumerates the list of individual user accounts in an Organizational Unit. Specific containers within a domain can be chosen and the sub containers within them can also be included to report the individual user accounts within.

User accounts that expire in the time period report gives the details of individual user accounts that expire within the specific period of time.

Users whose password is stored using reverse encryption report displays the list of user accounts whose passwords are stored by decrypting the encrypted version.

This report lists user accounts corresponding to a domain who require a smart card as part of their interactive logon.

User accounts that are trusted for delegation report enumerates the list of user accounts having delegated rights i.e. user accounts that are trusted for delegation.

User accounts that are sensitive and cannot be delegated report lists the sensitive user accounts that cannot be delegated.

User accounts that use DES encryption types of keys report lists the individual user accounts that use Data Encryption Standard encryption type keys.

This report lists individual user accounts that do not mandate Kerberos protocol based pre-authentication for log on.

Users who have not logged on recently report lists user accounts who have not logged on within the specified time period.

Users who have logged on recently report lists user accounts who have logged on recently within the specified time period.

Users without Logon script report enumerates user accounts without logon script corresponding to a domain.

Users Dial-in permissions report lists the Dial-in permissions corresponding to the user accounts within a domain.

Domain Admins only report displays the list of user accounts who are members of Domain Admins group.

This report enumerates the failed last logon details of individual user accounts corresponding to a domain.

Users Logon Workstations report lists of users and details of their logon to workstations.

Users and their dates of last password change report displays user accounts’ recent password change details.

Quick Reports: Quick reports, a powerful feature in ARKAD allows users to extract specific information from Active Directory domain. In other words, they are pre-defined set of reports corresponding to each AD object which allow users to generate reports on frequently accessed information with no loss of time. The following are some of the Quick reports on user accounts within a domain to enable faster reporting,

Users who are in Memberof Administrators Group report lists users who are members of Administrators group within the specified domain.

This report lists the individual user accounts who are members in Enterprise Admins group corresponding to the domain.

List of Users having managers report displays details of individual user accounts having managers.

Users without managers report displays details of individual user accounts which do not have a manager.

List of manager based users report displays details of users which are managers by themselves.

Dial-in Allowed Users report displays the list of users with Dial-in allowed permissions.

Dial-in Denied Users report displays the list of users with Dial-in Denied permissions.

Users with logon script report displays the list of user accounts with logon script.

Consider a scenario where the IT administrator intends to list the users who need to change their passwords during their next logon. Looking into each user account manually and retrieving the information is beyond question.

Let’s see how ARKAD generates this report for IT administrators.

Screenshot of Built-in Reports-Report Selection:

The above screenshot shows “Users required to change password at next logon” report selected from the list of Built-in reports. (Built-In reportsàUsers required to change password at next logon).

Screenshot of Built-in Reports-Field Selection:

The above screenshot shows the list of Available Fields and the Selected Fields corresponding to the report. The fields that are to be reported can be selected to generate meaningful information across the desired fields. The arrangement of the fields within the report can also be customized such is the degree of control over the reporting process vested on its users by ARKAD.

Screenshot of Built-in Reports-Domain Controller Selection:

The corresponding Domain name and the Domain controller which has to be looked into for the user account information are selected.

Screenshot of Users required to change password at next logon report:

The above screenshot shows the list of individual user accounts who need to change their passwords at next logon.

Admin Report Kit for Active Directory (ARKAD) with such out-of-the-box user reports makes Active Directory monitoring and reporting easy and is certainly a value add to the IT infrastructure.

For a 15 day free trial, visit our ARKAD product page at http://www.vyapin.com/products/active-directory-audit/active-directory-reports.htm.

We have made a significant release of our powerful SharePoint list management solution – SPList Manager for SharePoint 2007 (SPListM) version 1.2.

The following are some of the improvisations made to the product solution in this new release:

1. Support to Forms based authentication: SPListM now supports Forms Authentication validating the users against the corresponding SharePoint environment. SPListM would support websites configured with Forms based authentication mechanism.
2. Supports Fully Qualified Domain Name format: SPListM now supports a Fully Qualified Domain Name, i.e. ‘username @domain’ format in its entire validation schema.
3. Profile Manager Tool: Users’ logon information can be stored as User profiles and the same can be retrieved without necessarily entering the credentials every time. Profile manager supports both Windows based and Forms based authentication credentials. Using this, the users can just select their corresponding credentials without manually entering them every time when connecting to SharePoint.
4. Folder options: SPListM now allows users to create folders (if unavailable) on the fly and helps in restructuring folder hierarchy during content migration. The folders to be created can be defined in the external batch descriptor file.
5. Web Services Component Indicator: It is now easy to determine the existence of Web Services Component. The Web Services Component Indicator would now determine the presence of Web Services Component in the corresponding destination SharePoint server. The user can access the same from the Tools Menu of the application (ToolsàTest SPListM Web Service). This would avoid Web Service Component mismatch, if any.
6. SPListM application can now run on Windows 7 / Vista / XP computers. SPListM Web Services component can run on Windows Server 2008 and 2003.

For a free 30-day trial version or to upgrade to the latest version of SPListM software, visit the product home page at http://www.vyapin.com/products/sharepoint/moss-2007/splistm/sharepoint-2007-list-management-tool.htm .

IIS 7.0 with its scalable architecture is bound to increase the number of web applications hosted on a single server. But are the IIS administrators ready for the challenge? IIS7.0 certainly provides for a cost-effective and secure web server platform capable of hosting thousands of websites. While managing just a single web server with numerous web applications in itself is a challenge, imagine the arduous task before the IIS administrators to manage multiple web servers. Given the number of configuration parameters that have to be referred to, it is almost impossible for the administrators to pull out information manually, compare the settings with another website for reference and carry on configuring a new website, change the settings of an existing website or migrate websites from one server to another.

Admin Report Kit for IIS 7.5/7 (ARKIIS) has come out with a powerful comparison feature to address the plights of the IIS administrators. Comparison reports in ARKIIS allow you to compare IIS configuration settings with a baseline reference across virtual directories, websites and servers as detailed as following,

Comparing websites with a baseline website:

ARKIIS allows IIS administrators to compare the IIS configuration settings of numerous websites across multiple web servers with a single baseline (reference) website. Comparing against a standard baseline website would allow them to configure the web site same way or would help them troubleshoot issues, if any. A standard website is chosen as the ‘Baseline Website’ and the ‘Web Site(s) to be compared’ is chosen from the populated list. The scope of the comparison can include all Web site and ASP.NET reports (settings) or can be restricted to include only selected reports. A summarized view of the websites to be compared and the reports selected is also generated. Specific reports can be chosen from the ‘Report Pane’ and the comparative properties with their corresponding baseline website values and the Compared Website values are reported. The differences in the values against specific properties are displayed in red for the IIS administrators.

Compare virtual directories with a baseline virtual directory:

Not just websites, with ARKIIS it is possible for IIS administrators to compare multiple virtual directories across web servers against a single baseline (reference) virtual directory. A baseline virtual directory is selected from the enumerated list of web sites belonging to different servers and the virtual directories that are to be compared against are also selected. The scope of the comparison can again be restricted to include only specific Website settings reports and ASP.NET settings reports or can be expansive enough to include all the Website and ASP.NET settings reports. A summary of the virtual directories to be compared and the reports to be generated is displayed. To report information about specific parameters the corresponding reports are chosen from the ‘Report Pane’.

Comparing the whole IIS server with another:

What if the IIS administrator wishes to compare the whole IIS server with another? ARKIIS provides for an efficient way to compare a whole IIS server with another. The comparison can be between websites and/or virtual directories within the servers. The baseline server and the server to be compared are selected. The websites and virtual directories that are to be compared are selected from the list. The excluded entities can be viewed from the ‘View Excluded Lists’ button. The comparison can be defined to all Website and ASP.NET settings reports or can be restricted to include only selected reports. A summary of the compared websites and the corresponding selected reports is also displayed. The difference in values corresponding to the properties compared is displayed in red for the IIS administrator to draw inferences from.

Let’s see how ARKIIS draws a comparison between two servers ‘RD52′ and ‘RD48′.

Screenshot of Comparison reports-Comparison options:

The comparison option to compare two IIS servers is first selected. The scope of the comparison is to be specified by selecting the entities to be compared, i.e. websites and virtual directories.

Screenshot of Comparison reports-Selection of Web sites, virtual directories to compare:

‘RD 52′ is selected as the Baseline Server and ‘RD48′ is the server to be compared against. The list of common websites and their virtual directories is displayed and the corresponding web sites and virtual directories which are to be compared are selected.

Screenshot of Comparison reports-Selection of reports to compare:

The reports to be generated i.e.website settings and virtual directory settings to be compared are selected.

Screenshot of Comparison reports-Summary:

The summary of the virtual directories and websites selected and reports that are to be generated is displayed.

Screenshot of Comparison report:

The above screenshot shows the Comparison report comparing the IIS configuration settings of Baseline Server ‘RD52′ and Compare Server ‘RD48′. Specific websites and virtual directories can be compared one to one against the baseline settings by choosing them from the list box above. The differing Baseline Web Site Values and Compared Web Site Values are displayed in red. To compare other web site settings or virtual directory settings, the corresponding reports are to be chosen from the ‘Report Pane’.

Admin Report Kit for IIS (7.5/7) with its comparison feature is sure to make life easy for the IIS administrators in managing complex web applications across multiple web servers.

For a free 15 day trial version, visit our product home page at http://www.vyapin.com/products/iis-audit/iis7-reports.htm.

Our much anticipated major release of Admin Report Kit for Active Directory (ARKAD) version 6.2 is finally here with the following new features included,

1. AD Summary Reports: ARKAD now comes up with the ability to report object-specific significant information in a powerful summarized view. AD Summary reports displays summarized vital information about Domains, Organizational Units, Computer Accounts and groups.
2. Quick Reports: Quick reports allow the users to restrict the scope of reports to include only specific entities within the domain and generate meaningful information faster. This saves the users from the time involved in scanning the entire domain to retrieve information about specific objects. This is especially useful for oft repeated administrative tasks.
3. ARKAD now allows the user to schedule reports by e-mail. The reports can be scheduled to later hours to reduce the operational load and can be automatically mailed across to the desired recipients.
4. Custom Queries: With ARKAD, it is now possible for users to create their own reports. Custom Queries feature within the Quick reports allow the user to create a custom report by defining logical queries and generating the reports within the ARKAD framework. A custom query can be used to extract information from various containers across the directory.
5. Additional user attributes such as Employee ID, Employee Number, Department Number, Division, Car License etc. can be now retrieved using ARKAD. This additional information better qualifies the users associated with the directory.
6. Computers’ last logon date and time: ARKAD retrieves the last logon date and time of a computer specific to domain controllers within a domain and reports the most recent value as the computer’s last logon date and time.
7. ARKAD now reports the list of nested groups and nested groups that form a loop. (Quick reports->List of nested groups that form a loop).

Admin Report Kit for Active Directory (ARKAD) with its above features could very well be indispensable for any Active Directory infrastructure.

For further information on ARKAD, visit our product home page at http://www.vyapin.com/products/active-directory-audit/active-directory-reports.htm

Forests are at the top of the Active Directory hierarchy. Forests comprise within themselves one or more domain trees (independent or interdependent) administered by a common schema. Usually a networking infrastructure contains in it a Forest at the top level. The objects within the Forests are controlled by the Forest Root Domain, created initially when the Active Directory is installed for the first time. With companies operating across geographies, the Active Directory has expanded rapidly resulting in the Forests’ topology becoming increasingly complex. To administer an Active Directory infrastructure with multiple forests spread across geographies is no easy task. Imagine the volume of data that would be generated or the number of individual entities that have to be looked at.

Admin Report Kit for Active Directory (ARKAD) has in it numerous out-of-the-box reports that present a bird’s eye view of the Active Directory topology at a Forest Level. Through these reports ARKAD allows administrators to generate reports across multiple domains and take stock of the entire forest.

Domain Reports at a Forest level gives information about the various properties of domains within a forest. The domain controllers within the respective domains and the trust relationships (trusting or trusted) prevailing between them are also reported. The administrator corresponding to each domain, their permissions and the security settings are some of the other significant information reported at a forest level. Auditing information corresponding to the changes made within the domain can be viewed under ‘Auditing’ report. The Group Policy report gives information about the group policies that are applicable to the corresponding domains. The ‘Delegated Permissions’ report gives an insight on the users with their delegated tasks within the domain.

Site Reports at a Forest level provides configuration settings corresponding to sites within a forest. The location of the sites and their created and modified dates are reported in the ‘Location’ and ‘Object’ reports respectively. The ‘Security’ and ‘Auditing’ reports give information about the permissions associated with the sites and their auditing information respectively. The Group Policy Objects linked to the corresponding sites is reported in the ‘Group Policy’ report. The ‘Delegated Permissions’ reports users with delegated tasks within the sites.

Forest Level Group Reports provide information about various group settings corresponding to groups within a forest. Information about the members within the groups and the membership details of groups themselves are reported in ‘Member’ and ‘Member Of’ reports corresponding to the Forest. The created date and modified date values and details of the administrators managing the groups are also displayed. The Permissions associated with the members of the group and the auditing information are other relevant information reported. The ‘Deleted Object’ report displays information on the groups recently deleted.

Forest Level User reports enumerate the Users and their account information associated with the domains within a forest. The User display names, address, account details, profile path, telephone numbers, organization and position related details are effectively reported. The users’ membership details are also reported. Created Date and Modified date field values are displayed. The Permissions granted, their type along with the auditing information is retrieved in the ‘Security’ and ‘Permissions’ reports. The Last logon date of the corresponding user account and other relevant information such as Password Last Set date, Password expiration date etc. are reported in the ‘Additional Account Info’ report. The Password Settings Objects policies (applicable to Windows 2008 Domain Controllers) defined for users within the forest and the precedence level of such policies can be viewed under ‘Effective PSO (Win 2008)’. The deleted user accounts within the forest are reported under ‘Deleted Objects’ report.

Contact reports are similar to the User reports and display information about the Contacts corresponding to the forest. The Contact information such as display names, address, telephone numbers, organization and position held are some of the relevant information reported. The Membership details of contacts are also reported. The Created Date and Modified date values are some of the other significant information reported in ‘Object’ report. The Permissions defined against the Contacts and the auditing information are displayed under ‘Security’ and ‘Auditing’ reports. The information about deleted contacts and their last known parent are reported in ‘Deleted Objects’ report.

Group Policy Objects reports display information about the various Grouped Policy Objects within the forest. The details of Group Policy Objects linked with various objects within the forest are reported under ‘Links’ report. The objects that are connected to various GPOs and the corresponding details are reported in the ‘SOM Links’ report. The Security settings corresponding to each object, auditing information associated and related comments are retrieved for the administrator through the ‘Security Filtering’, ‘Security’ and ‘Auditing’ reports. ‘Deleted Objects’ reports deleted Group Policy Object corresponding to the forest.

Consider an example where the administrator wishes to generate a report on Trust relationships across various domains within a forest. Generating this report manually would be a cumbersome process.

Lets see how ARKAD does this with considerable ease. The following screenshot shows the Trust Relationship across domains within a forest

ARKAD with its out-of-the-box forests reports addresses administrators’ reporting needs with considerable finesse.

For a 15-day free evaluation visit our product home page at <http://www.vyapin.com/products/active-directory-audit/active-directory-reports.htm

Our powerful reporting tool for Internet Information Services 7.0, Admin Report Kit for IIS (ARKIIS 7.0) is out as a major release, Version 2.1 with the following significant features added:

1. Support to IIS 7.5: ARKIIS now supports IIS 7.5 in addition to the earlier IIS 7 version.
2. Comparison reports for web sites and virtual directories: ARKIIS would now allow the users to compare the configuration settings of various web sites and virtual directories. Using these reports, the users can compare the configuration settings of websites against a baseline website or virtual directory.
3. Favorite Groups for web sites: Users can now restrict the scope of scanning to include only specific websites and generate reports faster. This would save them from the enormous time involved in scanning the entire environment to retrieve information about specific sites.
4. Custom reports for web sites: Reports can now be customized using user-defined fields and values to generate meaningful information across selected fields from IIS. The user can now select the desired fields and is also given the discretion to fill the corresponding field values against the fields. The user-defined custom fields feature is one of the much anticipated ones by our customers.
5. Scheduled report generation using Power Export: Users can now schedule tasks to allow automatic report generation and export based on their need. The report generation can also be scheduled to non-office hours to reduce the system downtime and the corresponding frequency can also be set.
6. Report pane for easier navigation: A report pane is also added to facilitate easy access and retrieval of specific reports.

Admin Report Kit for Internet Information Services (7.5/7) V2.1 is a must-have tool that addresses the reporting, administrative and management needs of Administrators/IT Managers/CIOs and reduces their burden in managing IIS web servers.

For more information on ARK for IIS 7, visit our product home page at <http://www.vyapin.com/products/iis-audit/iis7-reports.htm

We have come out with a significant major release of our flagship SharePoint document migration tool, DocKIT for SharePoint 2010 / 2007.

DocKIT v4.0 now supports Microsoft SharePoint Server 2010 and Microsoft SharePoint Foundation 2010 in addition to its support to the earlier versions of Microsoft Office SharePoint Server 2007 (MOSS 2007) and Microsoft Windows SharePoint Services (WSS 3.0).

DocKIT in addition to its support to native SharePoint 2010 environment has come out with the following new features:

1. Extended support to Business Connectivity Services: Business Connectivity Services (BCS) is all about keeping the users connected to external databases and other sources of enterprise data (LOB systems). BCS is an evolution of Business Data Catalog (BDC) feature in SharePoint 2007, allowing the users to better integrate external data to the SharePoint portal. DocKIT through its support to BCS / BDC ensures that users can map their existing line of business applications into the SharePoint portal, thereby allowing the users to leverage on integrated information.
2. Support to Managed metadata: Managed metadata resembles the ‘Lookup Columns’ of SharePoint 2007. Unlike Look Up columns where it was impossible for the users to share metadata across site collections, Managed metadata is not site specific. Managed metadata has a centralized repository of pre-defined metadata that can be replicated for use throughout the SharePoint environment without having to define them every single time. DocKIT helps users retrieve the metadata values from ‘term sets’ associated with the Managed Metadata column.
3. Supports Document Sets: Document sets allow users to bundle related documents and treat them as a single entity. With DocKIT, the users can migrate multiple documents from file repositories and manage them better by assigning metadata to these ‘compound documents’ through an external metadata source.

DocKIT with its support to SharePoint 2010 features such as ‘Ratings Column’ data type, ‘Asset Library’ etc. would help organizations achieve a better collaborative environment by allowing the users to leverage on the extended features of SharePoint 2010.

The interesting information is the latest version of DocKIT supports both SharePoint 2010 and SharePoint 2007 environment within the same version of the product. This means our DocKIT customers do not have to invest twice (lower TCO) in a SharePoint document migration solution, one for each SharePoint version and can also quickly adapt / transition to the new version using the familiar interface.

For a free trial version of DocKIT for SharePoint 2010/2007 please visit our product home page at http://www.vyapin.com/products/sharepoint/sharepoint-2010/dockit/sharepoint-migration.htm.

Information Technology Audits have been made mandatory as it is now requisite for many organizations to keep track of users’ access to critical information assets. IT audit systems and procedures must broadly address the following requirements or objectives:

• maintain data integrity
• safeguard information assets
• allow organizational goals or objectives to be achieved effectively
• use resources efficiently

Audit logs detailing events and changes to information have to be maintained as a part of organizations’ compliance needs. Increased vulnerability to security threats has also made companies to record events and manipulations to information assets to maintain data integrity and also withstand external threats.

Imagine auditing a SharePoint environment which hosts huge voluminous business critical information in SharePoint sites and lists with numerous users making changes to them constantly. Keeping track of this information trail is an uphill task and following are some of the challenges a SharePoint administrator would confront in auditing a SharePoint infrastructure:

Admin Report Kit for SharePoint (ARKSP) through its in-depth audit reports makes it easy
for
administrators
to audit their SharePoint infrastructure. The following are some of the Built-in reports that provide critical audit information addressing the above challenges:

1. Web-Application Page Visits: Page Visits reports pages visited by users corresponding to a specific site within a web application.

   Fields reported: Front End Web Server, User, Web Application, Site URL, Page URL, Client IP Address and Visited Date.

   The report can also be ‘Grouped By’ to report information corresponding to the users and would give better insights on ‘who accessed what’.

2. Audit-Deleted List/Site: Audit-Deleted List/Site reports give information about deleted lists and sites within a site collection corresponding to a given date range or for the given number of days. You can group this information to view details such as the date of deletion and the user who deleted the lists/sites.
   

   Reported Fields are: Web URL, Web Title, List URL, Occurred and Performed By.

   Grouping the above report by ‘Performed By’ field would give the user a better perspective of the List and Sites deleted by a user over a period of time.
   

3. Audit-Group created/deleted: Audit-Group created/deleted reports give information about groups that are created or deleted at a site level in the last ‘N’ days. The report can also be generated for a specific date range. Details such as the user who created or deleted the groups are also reported.
   

   Reported Fields are: Web URL, Web Title, Group Name, Occurred and Performed By.

   The above report when grouped by ‘Performed By’ field reports the above information from a user perspective and would retrieve details of groups added or deleted by a corresponding user.
   

4. Audit-Group member added/deleted: Audit-Group member added/deleted reports retrieve information about the members added/ deleted within a group in the last ‘N’ days.
   

   Reported Fields are: Web URL, Web Title, User Name, Group Name, Occurred and Performed By.

   Grouping the report by ‘Performed By’ field values reports group members added or deleted by the corresponding user.
   

5. Audit-Permission Inheritance Changed: Audit-Permission Inheritance Changed report displays changes made in permissions inheritance corresponding to items, folders, lists and sites within a site collection. The scope of the report can be confined to specific date range or can include changes in the last ‘N’ days.
   

   Reported Fields are: Web URL, Web Title, Event Name, URL, Occurred and Performed By.

   Grouping the above report by ‘Occurred’ field values reports the above information from a date perspective and the user can view the changes made in permission level date-wise.

6. Audit-Permission Level Added/Deleted/Modified: Audit- Permission Level Added/Deleted/Modified reports display any changes made in permission levels corresponding to a site. Permission Level newly created, modified or deleted is reported at a site level.
   

   Reported Fields are: Web URL, Web Title, URL, Permission Level, Occurred and Performed By.

   The above report when grouped by the ‘Performed By’ field values displays information about who modified what corresponding to the permission levels.
   

7. Audit-Permissions Changed: Audit-Permissions Changed report displays information about changes in permissions settings of individual users and groups corresponding to a particular site. The date and time of occurrence and the modifier are also reported here.
   

   Reported Fields are: Web URL, Web Title, URL, Groups/Users, Occurred and Performed By.

   By grouping this report using ‘Performed By’ field, you can answer a very fundamental question: who changed what?
   

8. Audit-Search: Audit-Search report provides information on the searches made by users across the site. The scope of the search i.e.at a site level or at a site collection level is also reported. The keywords used in basic search or the conditions imposed during Advanced Search options are also reported.
   

   Reported Fields are: Web URL, Web Title, Query, Search Scope, Occurred and Performed By.

   The above report when grouped by ‘Occurred’ field values displays the details of searches made within a date range.

9. Site Permissions: Site Permissions report displays information about permissions defined across individual Users and Groups corresponding to each site.
   

   Reported Fields are: Web URL, Web Title, Groups/Users, Account Type, Description, Group Owners, Permission Levels and Members.

   The report can also be ‘Grouped By’ Users and Groups to know which individual users and groups have what permission levels corresponding to the site.

10. Site Security: Site Security report gives information about various security settings defined at a site level.

    Reported fields: Web URL, Web Title, Allows Anonymous Access, Anonymous state, Allow unsafe updates, Authentication Mode, Has External Security Provider, Inherits Role Assignments, Inherits Role Definitions, Request Access Enabled and Request Access E-mail.

    Grouping By authentication mode retrieves the security settings defined in accordance to specific authentication mode.

11. Site Visitors: Site Visitors report displays information about visits made by users corresponding to a site.
    

    Reported Fields are: Web URL, Web Title, User, Total Hits, Recent Month Hits, Recent Day and Recent Day Hits.

    Grouping this report by User reports the total number of visits including the users’ recent visit to the corresponding site.

12. Audit-Checked In/Checked out Items reports: Audit-Checked In/Checked out Items reports provide information about individual list items that are Checked In and Checked Out pertaining to a specific list in a site.
    

    Reported Fields are: Web URL, Web Title, List Name, Item URL, Occurred and Performed By.

    The above report when grouped by ‘Performed By’ fields displays the items Checked In and Checked Out corresponding to a user. The same when grouped by ‘Occurred’ field values would display the items Checked In and Checked Out corresponding to the specific date.

13. Audit-Copied Items: Audit-Copied Items report retrieves information about individual List items that are copied from a source list location to a destination list location. The Source URL and the Destination URL of the copied List items are also displayed.
    

    Reported Fields are: Web URL, Web Title, List Name, Source URL, Destination URL, Occurred and Performed By.

    Grouping the report by ‘Performed By’ displays the individual list items copied corresponding to a user.

14. Audit-Visited/Deleted Items: Audit-Visited/Deleted Items reports give information about individual list items corresponding to a list that were visited/deleted.
    

    Reported Fields are: Web URL, Web Title, List Name, Item URL, Occurred and Performed By.

    The above report when grouped by ‘Performed By’ field values displays the items visited or deleted corresponding to specific users.
    

15. Last Deleted items/Modified items: Last Deleted Items and Last Modified Items reports display information about individual list items that were deleted and modified for the last ‘N’ days.

    Reported Fields are: Web URL, Web Title, Item URL, Item Name, Deleted By/Modified By User name, Deleted/Modified by Display Name, Modified/Deleted Date, Created By-User Name, Created Date, Last Modified By-User Name, Last Modified Date and Size (in MB).

    Grouping the reports by User name reports list items modified or deleted by the corresponding user for a corresponding date range.

16. List Activity: List Activity report displays the First and the last activities with related users’ names corresponding to the List.

    Reported Fields are: Web URL, Web Title, List URL, List Name, First Activity Item Name, First Activity Item URL, First Activity Date, First Activity-User Name, First Activity-Transaction, Last Activity Item URL, Last Activity-Item Name, Last activity Date, Last Activity-User name and last Activity-Transaction.

17. List Folders Security: List Folder Security report generates information about the Groups/Users and their permissions assigned to each folder and its sub folders corresponding to the list.

    Reported Fields are: Web URL, Web Title, Base Template, List Name, Folder Name, Folder URL, Groups/Users and Permission Levels.

    Grouping the above report by Users and Groups gives a meaningful perspective to the permission levels granted for Users and Groups corresponding to the Folders and sub-folders.

18. List Hits: List Hits report retrieves information about the number of visits made in the last ‘N’ days along with the most recent visit information corresponding to the list.

    Reported fields are: Web URL, Web Title, List name, Total Hits, Recent Month Hits, Last Accessed Day and Last Accessed Day Hits.

19. List Item Security: List Item security displays information about individual users and groups and their permission levels assigned against individual list items.

    Reported Fields are: Web URL, Web Title, Base Template, List Name, Item URL, Item Name, Users/Groups and Permission Levels.

    Grouping the above report by Users/Groups reports permission levels associated with Users and groups corresponding to a list item. Grouping the report by permission levels would gives the users an indication about who has the most privileges granted against specific list item.

20. List Visits: List Visits reports total visits corresponding to individual list items over the last ‘N’ days.

    Reported Fields are: Front-end Web Server, Item URL, Item ID, Total Visit Count, Item Name, Item Visit URL, Visit Count, Action, Visited By, Visited Date and Visited Time.

    Grouping the report by ‘Visited By’ reports the visits made by the corresponding user over the specific date range.

21. Newly Added Items: Newly Added Items report displays the individual list items that were created over the last ‘N’ days.

    Reported Fields are: Web URL, Web Title, item URL, Item Name, Created By-User name, Created By-Display name, Created Date and Size (in MB).

    The above report when grouped by ‘Created By-User name’ displays the list items newly created by the user. Grouping the same in order of their ‘Created Date’ would display list items that were added corresponding to the specific dates.

Page Visits Report - An Example

Let us take an example where the SharePoint administrator intends to generate a report on visits made corresponding to a page within a site and individual list items within a list. Let’s see how ARKSP makes it easy for the administrators.

Screenshot of Audit-Page Visits report:

The above screenshot shows the Audit-Page Visits report (Quick Reports à Site à Audit-Page Visits) corresponding to the specified site. The report displays information about the Pages visited by the specified users in the last 30 days.

The same report to show information from an users’ perspective i.e., who has accessed what over the last 30 days by grouping this data using the ‘Performed By’ field.

Screenshot of Audit-Page Visits-Grouped By-’Performed By’:

The above screenshot shows the Page Visits made by the user “SHAREPOINT\system”. The page visits information is reported from a users’ perspective.

Let’s see how ARKSP enumerates the individual list items visited by users in the last 7 days.

Screenshot of Audit-Visited Items report:

The above screenshot shows the Audit-Visited Items report (Quick Reports à List à Audit-Visited Items) corresponding to the List. The report enumerates the users who visited the List items in the last 7 days.

The same report can be customized to display the above information according to date, meaning the visits can be reported date-wise based on the time stamp of the visit.

Screenshot Of Audit-Visited Items-Group By-Occurred:

The above report displays the Visited Items and their corresponding information based on the occurrence i.e., date and time of the visit. ARKSP with its multi-dimensional reporting allows users to generate meaningful reports across various perspectives and provides valuable insights to administrative users.

ARKSP with its insightful and customizable reports reduces the SharePoint administrators’ overhead in auditing the SharePoint infrastructure.

For more information about ARK for SharePoint 2010 visit our product homepage at:

http://www.vyapin.com/products/sharepoint/sharepoint-2010/arksp/sharepoint-2010-reports.htm