- Free Edition
- Quick links
- Active Directory management
- Active Directory reporting
- Active Directory delegation
- Active Directory permissions management and reporting
- Active Directory automation
- Governance, risk, and compliance
- Microsoft 365 management and reporting
- Microsoft 365 management and reporting
- Microsoft 365 management
- Microsoft 365 reports
- Microsoft 365 user management
- Microsoft 365 user provisioning
- Microsoft 365 license managementn
- Microsoft 365 license reports
- Microsoft 365 group reports
- Dynamic distribution group creation
- Dynamic distribution group reports
- Exchange management and reporting
- Active Directory integrations
- Popular products
ADManager Plus, a web-based Active Directory (AD) management and reporting solution, combines the capabilities of an end-to-end identity management solution and file server permissions management software into a single console. With ADManager Plus, you can manage the access permissions of multiple folders and files at once, or granularly assign permissions for individual files and folders.
File server management
Leave no room for misuse or tampering of data with disciplined, accurate management of permissions. Modify or remove NTFS and share permissions in just a few easy clicks.
Set or modify NTFS permissions
Specify the access rights that users have on network files and folders. Set the access level or folder level at which accounts can exercise the given permissions.
Add or modify share permissions
Specify the type of permissions that user accounts have on a shared resource. Define the folder level at which the accounts have the designated permissions.
Remove permissions
Revoke the NTFS and share permissions that have already been assigned to users for specific folders and files.
Delegate management of Windows file servers
- Use ADManager Plus' role-based delegation capability to delegate file permissions management of servers to any user or security group.
- Permissions assigned in ADManager Plus do not change the actual AD permissions of the user or group, so you can delegate file server management securely.
- Receive real-time notifications whenever the permissions for a user or group are modified.
Management of share and NTFS permissions: Best practices
-
Just-in-time access: Provide access to critical resources only when a request for access is raised. Revoke the permissions once the task is completed.
-
Just enough permissions: Do not assign file or shared folder permissions to everyone. Giving users access to everything is a bad practice, especially in the case of permissions. Provide only the required type and level of resource access to accounts to prevent insider attacks and misuse of permissions.
-
Bulk administration of permissions: Instead of assigning the same permissions to the same user account for multiple folders one after the other, perform bulk administration of permissions. Assign permissions for multiple folders to multiple user accounts at once with ADManager Plus.
-
Time-based permissions management: To ensure data security, set a time limit after which the assigned permissions must be automatically revoked.
FAQs
The access to files for users, groups, or applications is regulated by NTFS file permissions, comprising reading, modifying, and executing files. There are five types of NTFS file permissions.
| NTFS file permission | Allowed access |
| Read | Users or groups can read file and view attributes, ownership, and permissions. |
| Write | Users or groups can overwrite, change attributes and rename files. |
| Read & Execute | Users or groups can run the application and perform all duties allowed by the Read permission. |
| Modify | Users or groups can modify, delete, and perform all actions allowed by NTFS permissions. |
| Full Control | Users or groups can modify file permissions, take ownership, and perform permitted actions. |
NTFS permissions and share permissions are two distinct sets of permissions used in Windows operating systems to control access to files and folders. Here are five points explaining the differences between NTFS permissions and share permissions:
- Scope: NTFS permissions secure data locally, while share permissions control access to shared resources on a network.
- Granularity: NTFS permissions offer detailed control over files and folders for individual users or groups, while share permissions are simpler and offer three access levels: Full Control, Change, or Read.
- Inheritance: NTFS permissions are inherited by default, simplifying management, while share permissions do not inherit and only apply to the shared folder.
- Interaction: When NTFS and share permissions overlap, the most restrictive one applies. So, a user with Full Control NTFS permissions but only Read share permissions will have Read access. Proper configuration of both permissions is crucial to prevent conflicts.
- Security context: NTFS permissions apply locally to files and determine a user's ability to access or modify them on their machine. Share permissions, in contrast, are enforced at the network level and govern access to shared folders regardless of local NTFS permissions.
ADManager Plus offers these GUI-based reports to eliminate the need to struggle with complicated options like PowerShell scripts to query Active Directory. The following are the NTFS share and folder permissions reports that can be generated and also exported to XLS, CSV, PDF, HTML, and CSVDE formats.
- Shares in the Servers: Lists the shares and their respective permissions.
- Permissions for Folders: Lists the users and groups that have access to folders in a specified path.
- Folders Accessible by Accounts: Lists folders over which the specified accounts have permissions.
- Non-Inheritable Folders: List folders protected from inheritable permissions.
Other features
Active Directory User Reports
Exhaustive reporting on Active Directory Users and user-attributes. Generate reports in user-activity in your Active Directory. Perform user-management actions right from the report interface!
Active Directory Compliance Reports
Active Directory reports to assist you for compliance to Government Regulatory Acts like SOX, HIPAA, GLBA, PCI, USA PATRIOT...and much more! Make your organization compliance-perfect!
Active Directory Management
Make your everyday Active Directory management tasks easy and light with ADManager Plus's AD Management features. Create, modify and delete users in a few clicks!
Terminal Services management
Configure Active Directory Terminal Services attributes from a much simpler interface than AD native tools. Exercise complete control over technicians accessing other domain users' computers.
Active Directory Cleanup
Get rid of the inactive, obsolete and unwanted objects in your Active Directory to make it more secure and efficient...assisted by ADManager Plus's AD Cleanup capabilities.
Active Directory Automation
A complete automation of AD critical tasks such as user provisioning, inactive-user clean up etc. Also lets you sequence and execute follow-up tasks and blends with workflow to offer a brilliant controlled-automation.
Need Features? Tell Us
If you want to see additional features implemented in ADManager Plus, we would love to hear. Click here to continue
