By default, NTFS Security Auditor uses the currently logged on user context to connect to a domain/server. If NTFS Security Auditor determines that the currently logged on user does not have sufficient permissions on the specified server, a ‘Enter Network Password’ dialog appears allowing the user to enter user credentials to connect to the server. NTFS Security Auditor then establishes a session with the destination domain/server, using the user credentials specified.
If ‘Use Active Directory Services’ is selected as Computer Enumeration option, then you can specify alternate domain credential (having domain administrator privileges) for managing all computers in each domain. In this case, NTFS Security Auditor establishes a session with the destination domain/server of the specified domain, using the specified user credential.
To view information about a Windows Server on the network, the currently logged on user or the user credentials specified must:
To generate reports for domains and the corresponding member servers, ensure the following settings are set appropriately:
NTFS Security Auditor stores the data in the application database once it gathers the data for the selected domain/server for the first time. NTFS Security Auditor displays data from the local data store until the data is refreshed.
To “Refresh/Redo” data, press F5 click ‘Refresh’ from the menu/toolbar.
Using the Power Export feature in NTFS Security Auditor, you can setup and schedule reports for periodic generation. Power Export allows you to select multiple reports to be run for several domains and servers across the enterprise at scheduled intervals. You can export / e-mail the reports in different file formats.
For retrieving Windows Server information, NTFS Security Auditor creates schedule tasks in Windows Task Scheduler. Based on the settings provided in the Power Export Wizard, the task will run under the specified user account context and retrieve Windows Server information at specified intervals.
NTFS Security Auditor allows the users to customize report views using the ‘Customize’ tool. The ‘Customize’ tool maintains the fields displayed in a report for each domain/server. Check whether ‘Customized’ icon is displayed at the left bottom of main application screen status bar. If so, you may have used the customize tool and selected the fields to display. The customized fields will be stored and used even when the application is closed and re-opened.
The ‘Filter’ tool maintains the data to be displayed in a report for each domain/server under each report category. Check whether the ‘Filtered’ icon is displayed in the left bottom of your screen status bar. If so, you may have used the Filter tool and provided the conditions for displaying the information. The filter conditions set will be stored and used even when the application is closed and re-opened.
When collecting data, you have the provision to cancel the report collection. Check whether ‘Canceled’ icon is displayed at the left bottom of your screen status bar. If so, you may have canceled the data collection. Click on the tab/server to collect the data again.
The list of groups in which the user is directly or indirectly (nested) member of are reported in ‘Type (Inherited & Explicit)’ field after “Inherited from: ” text in the effective permissions report. Effective permission is resultant permission that is calculated using the permissions that are set explicitly and inherited by way of user membership in groups.
Consider a user named ‘John’ reported under ‘User/Group Name’ field with the following values for ‘Type (Inherited & Explicit)’ field:
Example 1: “Inherited from: pathfinder\administration” denotes that the user is a member of ‘administration’ group directly.
Example 2: “Inherited from: pathfinder\research -> pathfinder\design -> pathfinder\development” denotes that the user is indirect member of “research” by means of nested group design and development.
When the Computer Enumeration option is set to ‘Use Active Directory Services’, NTFS Security Auditor queries Active Directory for enumerating servers present in a domain. During this process, NTFS Security Auditor tries to connect to the Active Directory Server (Domain Controller) of the specified domain internally. If NTFS Security Auditor is unable to find the domain controller for the selected domain, it will display the stated message. The following may be one of the reasons for such scenario:
When the Computer Enumeration option is set to ‘Use Active Directory Services’, NTFS Security Auditor queries Active Directory for enumerating domains present in a forest. During this process, NTFS Security Auditor tries to connect to the Active Directory Server (Domain Controller) of the specified forest internally. If NTFS Security Auditor is unable to find the domain controller for the selected forest, it will display the stated message. The following may be one of the reasons for such scenario:
To run the DAC Reports, the currently logged on user must:
No. DAC Reports will work only for the current domain from which the application is being run. If you wish to run DAC reports for a remote domain, you must run the application on a computer belonging to that domain.