Active Directory Permissions Auditing and Reporting

STEALTHbits’ Active Directory Permissions Auditing and Reporting provides Active Directory tools for complete visibility into Active Directory permissions at every level, enabling you to report on users, computers, groups, and organizational units using our Active Directory Permissions Analyzer.

 
Audit and report on Active Directory group membership.

AD Group Membership

Audit Active Directory groups to determine Active Directory group membership and the access to Active Directory they can grant to sensitive areas of your directory.

Audit Active Directory to govern who can make changes to administrative accounts.

Effective Access to Change Objects

Identify who has Active Directory permissions to make changes to active directory groups with administrative rights and other critical active directory objects using our Active Directory Effective Permissions Tool.

Audit Active Directory broken inheritance on AD objects.

Inheritance on AD Objects

Use Active Directory Monitoring to uncover instances of Active Directory organizational unit broken inheritance on Active Directory objects to reduce complexity and aid in the remediation of toxic conditions.

For the AD optimization strategy, we prioritized the big-ticket items: trust and configurations between domains, accounts with elevated permissions, and computer objects and group configurations...

Active Directory Organizational Unit Permissions Report

Identify Active Directory objects that have access to Active Directory organizational units. Drill-down into Active Directory permissions to uncover security risks like the Everyone group having the ability to create and delete users and groups within a domain.

Active Directory organizational unit permissions report provides an overview of users and groups that have access to OUs in Active Directory.

Active Directory Group Permissions Report

Using this report, you can see the Active Directory permissions of Active Directory groups and how those permissions were granted. You can also determine which Active Directory groups have direct permissions versus those with effective access through Active Directory nested groups.

Active Directory group permissions report highlights the access groups have been granted in Active Directory by permission type and domain.

Active Directory User Permissions Report

With the report on Active Directory user permissions, you can find conditions like the Everyone group having delete permissions in the Active Directory domain. You can also see user permission types as well as Active Directory user permissions across domains.

The AD Password Reset Permissions Report highlights instances where Reset Password permissions are applied to Active Directory user objects.