How to Detect Who Has Access to What Data on Windows File Servers 

{{ firstError }}
We care about security of your data. Privacy Policy
Native Auditing Netwrix Auditor for Windows File Servers
Native Auditing
Netwrix Auditor for Windows File Servers
Steps
  1. Open Powershell ISE and create new script with the following code (define path on the file server and name of the user):

dir -Recurse \\fs1\Shared | where { $_.PsIsContainer } | % { $path1 = $_.fullname; Get-Acl $_.Fullname | % { $_.access | where { $_.IdentityReference -like "ENTERPRISE\J.Carter" } | Add-Member -MemberType NoteProperty   '.\Application Data' -Value $path1 -passthru }} | Export-Csv "C:\temp\AccountPermissions.csv"

  1. Run the script.
  2. Open the file produced by the script in MS Excel.
How to Detect Who Has Access to What Data on Windows File Servers with PowerShell
  1. Run Netwrix Audor → Click "Reports" → Navigate to File Servers → Choose "File Servers State-in-Time" → Select "Account Permissions"→ Click "View".
  2. To save the file, click the "Export" button → Select PDF format → Save as → Choose a location to save it.
Who Has Access to What Data on Windows File Servers with Netwrix Auditor

How to Detect Who Has Access to What Data on Windows File Servers

Although security breaches can originate from external attacks, they can also stem from insider activity. If users are granted excessive permissions that enable them to access, copy, distribute, modify or delete files on file servers, it can lead to disruption of critical business processes, exposure of sensitive data or even a full-scale data breach.

Related How-tos