Hi Guys,I have been tasked with reviewing a customers current NTFS permissions and to produce a reccomendation as to any changes that should be implemented.My first question- is there any free tools out there that will produce a report of current permissions on files and folders?Secondly, is there any Microsoft Best Practise documentation for recommendations of NTFS permissions and security?Any help would be greatly appreciated.Thanks,Nick.

Hi Nick,You can make use of ICACLS (or XCACLS) to generate a report of the NTFS permissions of, say, a file share (or the entire C: drive of a computer, for that matter). For example, to save the ACLs of the files under the C:\DATA folder and all its subdirectories to a log file:icacls c:\data\* /save Data_NTFS.log /THere are some NTFS best-practice documents you may want to look into:Best Practices for Securing Files with NTFS Permissionshttp://technet.microsoft.com/en-us/library/cc782737.aspxHow IT Works: NTFS Permissionshttp://technet.microsoft.com/en-us/magazine/2005.11.howitworksntfs.aspxHow IT Works: NTFS Permissions Part 2http://technet.microsoft.com/en-us/magazine/2006.01.howitworksntfs.aspxRegards,Salvador Manaois IIIMCITP | Enterprise & Server AdminMCSE MCSA MCTS CIWA C|EHBytes & Badz: http://badzmanaois.blogspot.com

Thanks for your reply - do you know if there are any white papers from Microsoft on NTFS Permissions and using Security Groups? I nned to produce a report on a recommended approach ans I am looking at recommending using Global and Local Security Groups rather than assigning individual access to folders.Any additional documentation I can provide would help.ThanksNick.

Hi,The following articles cover most aspects of security, not only File System (NTFS) security, hope them help. Best practices for securityhttp://technet.microsoft.com/en-us/library/cc782677.aspxBest practices for assigning permissions on Active Directory objectshttp://technet.microsoft.com/en-us/library/cc786285.aspxAccess Control Best Practiceshttp://technet.microsoft.com/en-us/library/cc778399.aspxThanks. This posting is provided "AS IS" with no warranties, and confers no rights.