Navigation Menu Products Knowledge About NetVision Contact Us Customer Support NetVision Blog


Access Rights Inspector

Who Has Access to What? Understanding Access Rights in Microsoft Windows and Active Directory generally requires complex and time consuming research. While rights are sometimes granted explicitly to an individual, actual permissions are often granted or denied based on a combination of explicitly assigned rights, group memberships, inherited rights, and negative or "denied rights". In fact, granting permissions explicitly to individual user accounts is generally considered a bad practice.

So, how do you figure out if a particular account has specific access to a particular resource?
Expert Insight on Windows Access Rights

One option is to manually walk through the tree accounting for all possible combinations of ways in which permissions may have been granted (including nested group memberships, inherited permissions, etc.). Not only does this method waste time and effort, but the results you get may be incorrect by the time the report is finished.

NetVision provides a better option. It's quick to implement, easy to use, and more cost-effective than traditional manual processes.

NetVision changes the game for Access Rights Reporting

NetVision's Access Rights Inspector provides complete answers on user access rights for both the Windows File System and Active Directory. We can tell you where rights have been explicitly assigned and also analyze all rights assignments to give you the calculated result of who has what access.

Click here for a quick, 3-minute online demo of Access Rights Inspector.
Access Rights Inspector - 3-Minute Demo
In this video, we show how
Access Rights Inspector provides an immediate view into access rights for a particular file and how those rights are granted.

Access Rights Inspector Report Types

  • Effective Rights: Calculates rights accounting for group memberships, inheritance, direct assignments, and other factors.
  • Explicit Rights: Provides visibility into individual permission settings. To determine actual permissions, explicit rights must be evaluated in relation to other settings.
  • Direct User Assignments: Reports on instances where a user account has been granted access directly to a resource. Direct User Assignments contradict industry best practices.
  • Deny Entries: Reports on instances where permissions have been explicitly denied. Excessive use of Deny Entries complicates rights management.
  • Group Memberships: Reports on group membership assignments.

Access Rights Inspector Capabilities

  • Report on currently assigned Access Rights and Permissions on Windows File System files and folders.
  • Report on currently assigned Access Rights and Permissions on Active Directory directory objects.
  • Report on HOW permissions are granted.
  • Report on Active Directory Group Memberships.
  • Report on Direct User Assignments.
  • Report on Explicitly Denied permission settings.

* Related NetVision Capabilities

  • Monitor Rights and Permission changes on files and folders.
  • Monitor Property changes on files and folders.
  • Monitor Group Memberships and send alerts when critical groups are updated.
  • Monitor changes to User Accounts such as new accounts, re-enabled accounts, updates to critical attributes, and more.
  • Monitor User Activity such as who is viewing or making changes to a file or folder.
  • Report or Alert on Who, What, When, Where & How for all of the above.

Access Rights Inspector Ease of Use

  • Report Creation Wizard: New reports can be generated with the help of a wizard that walks users through a series of steps to define report parameters.
  • Saved Reports: Users can save reports for future use based on a set of users or groups, a set of resources, and a set of permissions.
  • Report Format Options: Report results can be displayed in traditional Table format where columns represent sortable fields of information or Tree View format which displays a collapsable tree that can be manually explored.
  • Report Point-of-View Options: Reports can be created based on either a User-Centric View (which displays permissions per user) or a Resource-Centric View (which displays permissions per resource).
  • Flexible and Powerful: Report Types and flexible filtering criteria enable a single, highly flexible and powerful solution that allow easy reporting that meets the specific individual needs of any organization.

Free 15-Day Trial of Access Rights Inspector

Please contact NetVision or visit our products page to learn more about how NetVision solutions can be implemented to support improved security and simplified audit of your organization's Active Directory and Windows infrastructure!

To get a complete picture of NetVision's capabilities and ownership options, please sign up for a Free product demonstration >>

Three Gray Blocks