Active Directory Permissions Auditing and Reporting

Auditing, managing, and reporting on Active Directory permissions using native capabilities is difficult and time-consuming. Our comprehensive, preconfigured analyses and reports enable organizations to easily and automatically determine AD permissions.

Watch Video

 

Request a Free Trial

Powered by ChronoForms - ChronoEngine.com

Randy Franklin Smith

Organizations without the tools to automate the monitoring and reporting of privileged access within their AD-centric environments always end up having embarrassing numbers of people with unsanctioned authority. STEALTHbits’ AD solutions automate the laborious tasks associated with constantly ensuring AD security."

- Randy Franklin Smith

Gain the Most Authoritative View of AD Permissions

Domain, OU, & Object Permissions

Domain, OU, & Object Permissions

Analyze and report on OU, user, group, and computer permissions to identify security risks.

Group Memberships

Group Memberships

Identify group memberships and the access they can grant to sensitive areas in AD.

Effective Access to Change Objects

Effective Access to Change Objects

Determine who has effective access to make changes to admin groups in AD.

Inheritance on Objects

Inheritance on Objects

Uncover broken inheritance on objects to reduce complexity and remediate toxic conditions.

Active Directory Auditing Reports

  • Reset Password
  • Active Directory User Permissions
  • Active Directory Group Membership
  • Active Directory Group Permissions
  • OU Permissions
  • Computer Permissions
  • Reset Password

    Highlight instances where "Reset Password" permissions are applied to Active Directory user objects, with the information summarized at the domain and enterprise levels.

    Enlarge Screenshot

  • Active Directory User Permissions

    Pinpoint instances where permissions are applied to Active Directory user objects, as well as the level of permissions granted.

    Enlarge Screenshot

  • Active Directory Group Membership

    Understand which trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission.

    Enlarge Screenshot

  • Active Directory Group Permissions

    Shed light on instances where permissions are applied to Active Directory group objects to understand who can perform specific operations against AD groups.

    Enlarge Screenshot

  • OU Permissions

    Quickly analyze and report on where permissions are applied to Active Directory organizational units, with findings summarized at the domain and enterprise levels.

    Enlarge Screenshot

  • Computer Permissions

    Uncover instances where permissions are applied to Active Directory computer objects to avoid growing breach scenarios.

    Enlarge Screenshot

Resources

AD Permissions Analyzer

Data Sheet

Learn More

Randy Franklin Smith Top 10 Ways to Identify and Detect Privileged Users

White Paper

Learn More

10 Steps for Controlling who has Privileged Access to Active Directory

Checklist

Learn More