Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

How to manage NTFS security permissions with PowerShell and ADAudit Plus

Native PowerShell offers little in the way of NTFS management. To view NTFS permissions in PowerShell, you'll be required to download NTFSSecurityModule that was developed by Microsoft. This requires some prerequisite setup before you can run the module. The NTFSSecurity module does equip you with the ability to manage NTFS permissions via PowerShell, however if you do prioritize having a simpler interface to do this, you can try ADAudit Plus. The simple user interface doesn't take much time to setup and you can view NTFS permissions easily from the dashboard. The dashboard also allows you to easily manage file permissions for NetApp, EMC, and Windows File Servers.

The following is a comparison to show how you can manage NTFS permissions with PowerShell and ADAudit Plus.

Windows PowerShell

Steps to manage NTFS permissions in Windows PowerShell

  • Import the NTFSSecurity Module. You need to also change server execution policy using the 'SetExecutionPolicy' cmdlet before you import the module.
  • Define the folder to be monitored and run Get-NTFSAccess cmdlet to view permissions to a file or folder.
  • You can execute NTFSSecurity Module cmdlets only after the execution policy has been imported. The module needs to be imported each time you want to view NTFS permissions.
  • Execute the script.
  • test

Code to manage NTFS permissions

@{
    ModuleToProcess = 'NTFSSecurity.psm1'

    ModuleVersion = '4.2.4'

    GUID = 'cd303a6c-f405-4dcb-b1ce-fbc2c52264e9'

    Author = 'R.Andree'

    CompanyName = 'R.Andree'

    Description = 'Windows PowerShell Module for managing file and folder security on NTFS volumes'

    PowerShellVersion = '2.0'

    DotNetFrameworkVersion = '3.5'

    ScriptsToProcess = @('NTFSSecurity.Init.ps1')

    TypesToProcess = @('NTFSSecurity.types.ps1xml')

    FormatsToProcess = @()

    NestedModules = @('NTFSSecurity.dll')

    AliasesToExport = '*'

    CmdletsToExport = 'Add-NTFSAccess',
        'Clear-NTFSAccess',
        'Disable-NTFSAccessInheritance',
        'Enable-NTFSAccessInheritance',
        'Get-NTFSAccess',
        'Get-NTFSEffectiveAccess',
        'Get-NTFSOrphanedAccess',
        'Get-NTFSSimpleAccess',
        'Remove-NTFSAccess',
        'Show-NTFSSimpleAccess',
    #----------------------------------------------
        'Add-NTFSAudit',
        'Clear-NTFSAudit',
        'Disable-NTFSAuditInheritance',
        'Enable-NTFSAuditInheritance',
        'Get-NTFSAudit',
        'Get-NTFSOrphanedAudit',
        'Remove-NTFSAudit',
    #----------------------------------------------
        'Disable-NTFSAccessInheritance',
        'Disable-NTFSAuditInheritance',
        'Enable-NTFSAccessInheritance',
        'Enable-NTFSAuditInheritance',
        'Get-NTFSInheritance',
        'Set-NTFSInheritance',
    #----------------------------------------------
        'Get-NTFSOwner',
        'Set-NTFSOwner',
    #----------------------------------------------
        'Get-NTFSSecurityDescriptor',
        'Set-NTFSSecurityDescriptor',
    #----------------------------------------------
        'Disable-Privileges',
        'Enable-Privileges',
        'Get-Privileges',
    #----------------------------------------------
        'Copy-Item2',
        'Get-ChildItem2',
        'Get-Item2',
        'Move-Item2',
        'Remove-Item2',
    #----------------------------------------------
        'Test-Path2',
    #----------------------------------------------
        'Get-NTFSHardLink',
        'New-NTFSHardLink',
        'New-NTFSSymbolicLink',
    #----------------------------------------------
        'Get-DiskSpace',
        'Get-FileHash2'

    FileList = @('NTFSSecurity.dll', 'NTFSSecurity.types.ps1xml', 'NTFSSecurity.format.ps1xml', 'NTFSSecurity.Init.ps1', 'NTFSSecurity.psm1')

    PrivateData = @{ 
        EnablePrivileges = $true
        GetInheritedFrom = $true
        GetFileSystemModeProperty = $true
        ShowAccountSid = $false
        IdentifyHardLinks = $true

        PSData = @{
            Tags = @('AccessControl', 'ACL', 'DirectorySecurity', 'FileSecurity', 'FileSystem', 'FileSystemSecurity', 'NTFS', 'Module', 'AccessRights')
           
    }
}
 Copied
Click to copy entire script

ADAudit Plus

To obtain the report,

  • Login to ADAudit Plus web console using authorized credentials. Navigate to the 'File Audit' tab and select 'Folder Permissions'. You can view folder permissions here.
  • You can view share permissions by accessing 'Server Audit' and selecting 'Network Share Changes' from 'Network share auditing' tab.

Screenshot:

ntfssecurity-1

Why ADAudit Plus is the better solution for you?

  • Audit and generate reports for Windows file server, NetApp and EMC servers.
  • Get instant alerts of any file creations or modifications.
  • View detailed reports on file permissions and SACL changes.
  • Avoid complex PowerShell-scripting, and simplify AD change auditing with ADAudit Plus.
  •  
  • By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.
  •  
  • Thanks!
  • Your download is in progress and it will be completed in just a few seconds! If you face any issues, download manually here.

Related Resources

ADAudit Plus Trusted By