If you find yourself with the annoying and often frustrating job of wrestling with NTFS and Active Directory permissions I may have the answer for you; a tool called Permission Analyzer published by Perdemia.\nPermission Analyzer is actually more than just a way of saving time and effort, it\u2019s also a way of ensuring the operational integrity and security of your network because it can answer questions like \u201cWho has network access to our HR data?\u201d or \u201cWho besides engineering can read files on the development server?\u201d Not being able to definitively answer such questions can expose your organization to significant legal and economic risk particularly in regulated industries.\nThe first step in using Permission Analyzer is to scan your network which saves directory information and group membership data from AD\u2019s LDAP services in a built-in local database or in an external database (for shared access) and any JDBC external database can be used and Permission Analyzer automatically supports Oracle, DB2, MS SQL, MySQL, PostgreSQL, Derby and H2 databases. Permission Analyzer can be secured with a password and, depending on which license has been purchased, the database can be encrypted to limit access and risk of revelation in the case of a breach.\n \n\nView permissions trace\n\n\nOnce scanning has completed you can trace permissions on demand, generate reports, and define policies and permissions can be modified directly from Permission Analyzer\u00a0\nTracing permissions, which can be done for users and groups, will show where inherited permissions from a user\u2019s group memberships may not be what is wanted and you can save filters for reports and export the results in HTML or CSV format or via e-mail.\n \n\nEffective permissions report\n\n\nReports can generate e-mail notifications if unwanted permissions are detected and you can run Permission Analyzer from the command line with parameters using Windows Scheduler which makes policy automation simple.\u00a0\nAll Permission Analyzer\u00a0licenses are valid for one year and include support and updates. Trial licenses allow for one server with two root directories with unlimited users and groups while the Basic license ($599.99) allows for unlimited directories, 500 users, and 100 groups, a local database, and with up to three license moves (deactivation and reactivation). Standard license ($899.99) is the Basic license but with five servers, 3,000 users, and 1,000 groups, and adds database encryption. The Enterprise license ($1,299.99) adds external database support with unlimited servers, users, and groups. Finally, the Consultant license ($2,499.99) increase the number of license moves to 200.\nIf you\u2019re running a network of any complexity and you have content that needs to be protected from inappropriate access then without tools to analyze permissions that you run on a regular basis, you\u2019re running a huge risk. So, if you\u2019re not using a tool like Permission Analyzer, what are you using?\nThoughts? Suggestions? Send me feedback via email or comment below and follow me on Twitter and Facebook.