Help Center

Third-party software Contact us

On-demand reports

On-Demand Reports can be used to instantly retrieve specific file security or storage information as needed. They are available under the On-Demand Reports tab.

The list of available On-Demand Reports are:

  • Effective Permissions: Shows the effective permissions of users on the selected folders. You can choose to omit the AD objects that do not have any permissions by checking the box available below the report parameters.
  • All Shares: List all the shared folders in a selected server with details on the share name, type, share path, local path, security permissions (access and audit) and share permissions.
  • Open Sessions: Lists all the open user sessions in the server with details on the host IP, the username, connected time, idle time, and the number of open files.
  • Open Files: Lists the files that are open at the time the report is generated.
  • Junction Points: A junction point refers to a directory that redirects to another directory on the local device. For example, if folder A redirects to folder B, which is present on the same drive or a different drive on the same device, then folder A is a junction point. This report will list both folders A and B.
  • Privileged Users: Lists the users with excessive privileges. Here, excessive privileges refer to the specific permission for which you generate the report.
  • Orphaned Files: Displays the location of files and folders owned by deleted users.
  • NTFS Permissions: Displays the security permissions users have over folders.
  • Empty Folders: Lists all the empty folders within a specific folder.
  • Explicit Permissions: Lists all users who have been granted explicit permissions over folders, subfolders, or files. You can define the type of permission you wish to generate the report for in Report Configuration. Inherited permissions are not considered while generating this report.

Configuring parameters for On-Demand Reports

On-Demand Reports can be generated by defining the following report parameters:

Report parameter Description
Server Name The server you wish to scan.
AD Objects The users, groups, or well-known security IDs you wish to analyze.
Folders The shares or local folders you want to scan in the target server. Local folders refer to folders that have not been shared with users and can be added to the scan by specifying the folder path.
Subfolder Level The depth of subfolder levels you want to scan. You can scan only the target folder, leaving out the child items by choosing No Sublevel in the drop-down. Or, you can choose to scan one, two, or all sublevels.
Scan Choose the directory object you want to scan. You can choose between scanning only files, only folders, or both files and folders.
Permission Choose a particular permission you wish to track. For example, generating the list of users who have Full Control. Applicable only to Privileged Users and Explicit Permissions reports.

File Analysis offers granular reporting to help access specific data easily. Here are some instances where you'll find our reports helpful.

  • Examine all the privileges users have over shared files: Let's say you want to track the permissions of a user, say John Smith, across all the files inside a particular parent folder and its child folders located in server FS01. You can do this by going to File Analysis > On-Demand Reports > Effective Permissions, and setting the parameters as:

    Server Name: FS01
    AD objects: John Smith
    Folders: D:\Contracts\Vendors
    Subfolder Level: All Sublevels
    Scan: Files only

  • View which users have the particular permission to run executables: If you want to find which users can execute programmables within a local folder, you can retrieve the information by generating the Privileged Users report. This report considers privileges specified by you for reporting. For example, to view which users have the Read and Execute permission on the D:\Marketing\Contracts folder, go to File Analysis > On-Demand Reports > Privileged Users, and set the parameters as:

    Server Name: FS01
    Permission: Read and Execute
    Folders: D:\Marketing\Contracts (Specify folder path in the Add Folder Path box)
    Subfolder Level: All Sublevels
    Scan: Folders only

  • View which users have explicitly been granted Full Control permission: You can find which users have Full Control over shared files in server FS01 by going to File Analysis > On-Demand Reports > Explicit Permissions and setting the parameters as:

    Server Name: FS01
    Permission: Full Control
    AD Objects: ALL
    Folders: D:\Marketing\Contracts
    Subfolder Level: No Sublevel
    Scan: Files only

Note: On-Demand Reports can only be generated if the Local System Account has Read permission over the selected folders.

Follow the steps below to generate reports:

  • Select File Analysis from the application drop-down.
  • Select On-Demand Reports.
  • Define the server and other scan parameters as required.
  • Click Generate Report.

Note: You can view the scan progress, errors (if any), and associated error messages in the right-side panel. These errors might be due to lack of permissions to the Local System Account, inability to find the directory or estimate the size of the share, or other unknown errors. To resolve unknown errors, contact support@datasecurityplus.com.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     
  • Request additional resources

    Send us your requirements.