- Free Edition
- Quick Links
- Reporting
- Auditing
- Management
- Backup
- Migration
- Monitoring
- Alerts
- Highlights
-
Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Hybrid AD, cloud, and file auditing and security
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- EventLog Analyzer Real-time Log Analysis & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- DataSecurity Plus File server auditing & data discovery
- RecoveryManager Plus Enterprise backup and recovery tool
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools
SharePoint Manager Plus offers a wide range of permission reports as part of its SharePoint reporting capabilities. These reports help administrators monitor and manage SharePoint without the struggles posed by native admin centers. One such report in SharePoint Manager Plus is the File Permissions report.
Why you need the File Permissions report
Every SharePoint site contains a large volume of files, and each one can have a different permission structure. Sensitive contracts, financial records, and HR documents may sit in libraries where permissions have been broken, reassigned, or shared externally over time. Without a centralized view, you are left checking access manually one file at a time, with limited visibility into who can access what.
Poor visibility into file access can create serious security and compliance risks. IBM’s Cost of a Data Breach Report 2024 found that "40% of breaches involved data stored across multiple environments, including public cloud, private cloud, and on-premises" systems, and these breaches cost an average of USD 5 million. For organizations that use SharePoint alongside Microsoft 365 and other cloud services, file-level access governance is a practical security priority.
Without a file permissions report, your team is forced to react to access issues after they occur. You may discover unintended external sharing only after a data leak, or you may realize during an audit that a former employee still has access to sensitive files. Manually tracing permissions through nested groups and inheritance layers is time-consuming, error-prone, and difficult to scale across a growing environment.
The File Permissions report gives you that visibility, helping you stay on top of access before it becomes a liability:
- Spot broken inheritance and unique permissions: Identify files and folders that have been removed from their parent's permission scope, which often indicates ad hoc access changes that bypass governance policies.
- Catch unintended external exposure: Detect files shared with external users or through anonymous sharing links so you can revoke access on items that should never have left the organization.
- Audit group-based access at scale: Resolve SharePoint and security group memberships down to individual users so you know exactly who inherits permissions through which group.
- Support offboarding and role changes: Quickly find every file a departing employee or transferred user can access, then remove or reassign permissions before access becomes a risk.
- Enforce the principle of least privilege: Spot users and groups with Full Control or Edit rights on files they no longer need, then tighten permissions to match their current job functions.
What is the File Permissions report in SharePoint Manager Plus?
The File Permissions report shows which users, groups, and external users have access to files, folders, and libraries across your SharePoint sites. It includes details such as the site location, object name and path, assigned user or group, principal type, group membership breakdown, permission level, inheritance status, and other user properties.
Compliance standards supported by the File Permissions report
Organizations across industries are subject to information security standards such as ISO/IEC 27001, NIST SP 800-53, HIPAA, SOX, and the GDPR. Many of these frameworks require organizations to document, review, and restrict access to sensitive data.
The File Permissions report supports these efforts by giving you an environment-wide view of who can access specific files, folders, and libraries in SharePoint. This visibility helps you demonstrate that access rights are reviewed regularly, that the principle of least privilege is being applied, and that permissions on sensitive content are aligned with internal policies.
What does the File Permissions report show?
Using SharePoint Manager Plus, you can filter the File Permissions report with the following fields:
- Farm:Select the specific tenant or farm where you want to analyze file-level permissions across SharePoint sites.
- Site: Filter by a specific SharePoint site or site collection to scope the report to the libraries and files that matter to your audit.
The File Permissions report displays the following details for every user:
| Attribute | Description |
|---|---|
| Site Url | The web address (URL) of the SharePoint site where the file is located |
| Object Name | The name of the file, folder, or list item for which permissions are being reported |
| Location | The full path or library location of the object within the SharePoint site, indicating where the file resides |
| User/Group Name | The name of the user account or SharePoint group that holds permissions on the object |
| Principal Type | Indicates whether the assigned principal is an individual user, security group, SharePoint group, or external user |
| Group Members | The list of members within a SharePoint or security group that has been assigned permissions on the object |
| Permissions | The permission level granted to the user or group, such as Full Control, Edit, Contribute, Read, or View Only |
| Is Inherited | Indicates whether the object inherits permissions from its parent site or library or has unique permissions applied |
| Modified On | The date and timestamp when the file's permissions or content were last modified |
| Created Date | The exact date and timestamp when the object was created in SharePoint |
| Hierarchy Level | Indicates the level of the object within the SharePoint hierarchy (a site, library, folder, or file) |
Native SharePoint admin portals and PowerShell vs. SharePoint Manager Plus
In the SharePoint admin center, you often have to navigate to individual sites and open the Manage Access dialog box for each file or folder to review permissions. That approach becomes impractical when you need a tenant-wide view.
PowerShell, including the SharePoint Online Management Shell and PnP PowerShell modules, can help fill some of these gaps. You can use scripts to export permissions in bulk, resolve group memberships, and crawl libraries recursively. However, scripts require technical expertise, can break when APIs change, do not include built-in scheduling or email delivery, and often produce raw CSV files that still need cleanup before they are ready for audits or stakeholder reviews.
Benefits of SharePoint Manager Plus' File Permissions report over SharePoint reports
With SharePoint Manager Plus, the File Permissions report gets the power and granularity of PowerShell with the convenience of an admin center.
| Capability | SharePoint admin center | PowerShell | The SharePoint Manager Plus advantage |
|---|---|---|---|
| Report accessibility | ❌ Manual filtering is required every time |
❌ Script execution is required for every run |
✅ Get one-click access to categorized reports |
| Custom reports | ❌ | ❌ | ✅ Create custom reports by saving granular, attribute-based conditional filters |
| Report exports | ✅ Reports can be exported only in CSV or JSON format |
✅ It requires additional scripting to format and export data |
✅ Export reports in CSV, HTML, PDF, and XLSX formats |
| Emailing reports to admins | ❌ | ❌ | ✅ Send report emails to stakeholders and admins in preferred formats |
| Automated report generation | ❌ This requires technical scripting or separate complex add-ons |
❌ This requires Task Scheduler or Azure Automation |
✅ schedule multiple reports that can be generated, filtered, emailed, and exported between defined |
For a more detailed comparison, check out this page on how to check SharePoint permissions.
Features that enhance the File Permissions report
SharePoint Manager Plus provides several built-in tools to help you automate reviews, share findings, and act on permission risks surfaced by the File Permissions report:
- Exportable reports: Download the report in multiple formats, including CSV, PDF, HTML, or XLSX, for sharing data with department heads or maintaining offline records for compliance.
- Automated report generation: Set the File Permissions report to be generated at specific intervals (daily, weekly, or monthly) to conduct permission audits regularly without fatigue.
- SharePoint alerts for permission changes: Configure alerts to notify admins when a file's inheritance is broken, when Full Control is granted to a new user, or when a sharing link is created for sensitive content.
- Bulk permission management: Grant, remove, or copy file permissions across multiple users and groups directly from SharePoint Manager Plus' interface without writing scripts or jumping between consoles.
- Permission change auditing: Cross-reference the File Permissions report with the audit trail to see who modified an object's access, when the change happened, and what the previous state looked like.
Reports that complement the File Permissions report
If you are auditing access control across your SharePoint environment, SharePoint Manager Plus provides several other reports that complement the data found in the File Permissions report:
- Folder Permissions report: View access to the folders containing your files. Use it alongside the File Permissions report to check whether a file's exposure starts at the file itself or is inherited from its parent folder.
- List Permissions report: Surface permissions set at the list or library level. Pair it with the File Permissions report to trace where a file's access actually originates.
- Externally shared file reports: Identify files that have been shared with external users or through anonymous links. Pair this with the File Permissions report to investigate which sensitive files have been exposed outside the organization and revoke access where required.
- SharePoint Groups Permission report: See which groups hold permissions on each site and who belongs to them. Use it alongside the File Permissions report to investigate whether a file's access stems from group memberships rather than direct user assignments.
- Permission changes audit reports: Track every modification to permissions, including details on who made the change, the affected object, and the old and new permission states. This complements the static view offered by the File Permissions report with a historical trail.
Other features of SharePoint Manager Plus
- SharePoint management: Grant, remove, or copy SharePoint permissions and manage group members in bulk without relying on complex scripts, simplifying your SharePoint administration.
- SharePoint reporting: Access over 140 prebuilt and custom reports for SharePoint, including on permissions, site usage, the content inventory, and security insights—all from a centralized dashboard.
- SharePoint auditing: Maintain a comprehensive, searchable audit trail of all activities across your SharePoint environment, including user actions, permission changes, and content modifications.
- SharePoint alerting: Get real-time alerts on critical events such as permission changes, suspicious user activities, site access anomalies, and policy violations.
- Delegated administration: Empower help desk technicians with granular, role-based access for performing specific SharePoint administrative tasks without elevating native privileges.
- SharePoint migration: Simplify SharePoint migration by enabling seamless content and permission migration across sites and tenants with minimal downtime and full visibility into the migration progress.
