- FREE: File Permissions Check – Compare folder and file permissions - Fri, Feb 20 2015
- FREE: ABC-Deploy – Software deployment and inventory - Wed, Apr 16 2014
- FREE: AD Permissions Reporter – View Active Directory permissions - Fri, Feb 7 2014
Submitted by Chris Wright
It is common for certain AD permissions to be delegated to non-admin users or first-line support technicians so that they can perform administrative tasks without having full Domain Admin rights. However, it is not so common for these delegated permissions to be well documented and kept track of.
AD Permissions Reporter
AD Permissions Reporter was designed to allow you to quickly view permissions on the entire domain, or in a specific sub tree of OUs, and provide the results in a format that is easier to read than the output from PowerShell scripts and other tools. The tool can also expand groups to show you direct and nested group members wherever a group has been used in permissions so that you can see exactly who it is that is being granted/denied that permission.
AD Permissions Reporter - Table view
In the Standard Edition, you can use the filtering capabilities to locate specific permissions (for example, all objects where a specific user/group has been granted the “Reset Password” permission, or all permissions that are not inherited, or all objects that have different permissions to their parent container, etc.). However, the Free Edition still allows for reports to be customized to only include specified OUs and, optionally, to include child objects. Results can be displayed either in tree format or in table format and can be exported to a CSV file or an HTML file (with more formats available in the Standard Edition).
You can download AD Permissions Reporter here.