SolarWinds Access Rights Auditor is a free tool, designed to scan your Active Directory and file system, and evaluate possible security risks due to existing user access rights.
Active Directory and file servers are at the heart of nearly every IT infrastructure today; excessive user access rights can pose a significant risk to your organization’s data. Accessing data on purpose or per accident over privileged users can harm your company, but with Access Rights Auditor you can analyze additional risk areas as expiration of passwords, direct user access, everyone access and more.
- No installation required – simply run Access Rights Auditor from the desktop of your Microsoft Windows computer.
- Active Directory and File Server scan – scan your Active Directory and any File Server (FS) and/or Network Area Storage Server (NAS) folders exposing their shares via the CIFS protocol in your network.
- Quick or Deep scan mode – select either a fast overview scan or a more in-depth review of the permissions in the selected folder structure.
- Risk overview dashboard – examine the scan results for your Active Directory and file servers on a dashboard with visual indicators for each risk category across the entire scanned environment.
- Scan results – see results by privileges set for each scanned folder, including sharing and NTFS permissions. View direct permissions given to users and groups. Each category shows samples of specific results.
- Export to PDF – easily generate a printable PDF report of the scan results.
- Scan history – access results of the previous scan.
Single core 2.0GHz
Windows 10, Server 2012R2, Server 2016
.Net Framework 4.7.1
Other requirements and limitations
- Access Rights Auditor needs to be executed on a computer being member of the scanned Active Directory domain.
- To scan the Active Directory and file server structure appropriate permissions are required. For Active Directory usually a standard user account is sufficient; on file servers local backup operator privileges might be required to scan all folders.
- Maximum scan size and depth varies depending on RAM and hard disk space available to Access Rights Auditor.
Download and run the tool for the first time
- Download the free tool here (https://www.solarwinds.com/free-tools/access-rights-auditor).
- Unzip the tool.
- Double-click the "Solarwinds Access Rights Auditor Setup" file.
- Follow the instructions and accept the terms of the license agreement.
When you launch Access Rights Auditor, the start screen is displayed. Here, you can provide the necessary details to start your scan or access the results of the previous scan.
1. First select the type of scan, choices available are…
- Quick Scan, fast scan on high directory levels
- Deep System Scan, slow scan going down to deeper directory levels
2. Now enter either the path to the folder you want to scan in the text box or click on the folder symbol to browse your system and select the folder. Note, you can also enter an UNC path in the text box to scan remote servers.
3. Click "New Scan" to start the scan of the selected target.
4. When you launch Access Rights Auditor for the first time the "Last Scan" section will be empty. If a last scan is available, you can click on "View Results" to get into the results view of that scan.
The next screen shows the progress of the scan and each of its sub tasks.
5. If needed you can cancel the scan any time by clicking on "X". Note, all data scanned to that point of time will be lost.
Soon after the scan has been completed or you have loaded the results of the previous scan, the results view will be displayed. The view is split in the left side showing the starting point of the scan and the overall risk summary on the right side.
From here you have different options to follow:
6. Click on "Print details" to get into a printable view of the Overall Risk Summary that can also be exported as PDF.
7. Click on "description/learn more" to learn more about a risk. This will be displayed in an overlay window.
8. Click directly into a risk tile, e.g. the "Never expiring password" tile to get up to 5 examples of objects affected by that risk displayed on the left side.
9. Click on "View Permission Risks" and the folder details view will be displayed.
10. Use the search box to search for a user or group to analyse its risks, permissions, group memberships and Active Directory properties. Simply enter the text you want to search for and press enter. The search results view will be displayed.
This split view shows you the file server structure with its parent and sub folders on the left side and the corresponding risks and permissions on the right side. In the risks section you see not only direct risks of the folder but also indirect risks that might have been inherited e.g. due to inactive users still having access to the folder. Below that in the permissions section users and groups that have access to the folder are listed.
11. Clicking on a sub folder will allow you to traverse through the file server structure.
12. Clicking on a user or group will take you in the user details view.
This view displays you the search history and all hits of your current search in the different categories available like folders, users and groups.
13. Clicking on a folder will redirect you to the folder details view of that folder.
14. & 15. Clicking on a user or group will redirect you to the user details view.
The user details view shows all folders the user or group has access to and provides the option to retrieve the corresponding AD properties and group memberships.
16. Hovering over the "i" symbol will display AD properties about the selected user or group in an overlay window.
17. Clicking on a folder will redirect you to the folder details view.
18. Clicking on "Memberships" will display a list of groups the selected user or group is member of.
Please note, objects like users, groups or folders and their corresponding views are connected to each other allowing you to easily navigate between the different views by simply selecting the object you want more details about.