Frequently Asked Questions


 Why don't I get real-time overviews?

The structure of rights in the operating system of Windows is created in a way that allows access rights of a directory to be easily requested. However, it is not possible to ask for access rights per user or per user group. For that, all directories need to be scanned. To save time during the reporting and filtering of the overviews scanning occurs not for each overview, but the information is stored in a database.



 Does Permission Analyzer support special folder permissions?

Yes, although the filter in the overview only shows the general permissions, the detail label below the overview shows all the permissions of a folder (including the special permissions). The HTML reports show the special permissions as well, if applicable.



 I don't see the permissions of all the nested groups in the overview

At this moment Permission Analyzer relies on the WinNT ADSI provider in order to retrieve all domain users, groups and the relation between all members. Unfortunately the WinNT provider does not reveal nested global or universal security groups. It only reveals the nested groups of local and BUILTIN groups.



 Can I limit the domain scan to a given OU instead of scanning the whole domain?

No, at this moment Permission Analyzer will scan all the users and groups in the domain. Because the program relies on the WinNT ADSI provider it cannot filter on domain OU.



 Why are the access rights of some directories unknown?

During the scanning of the network it is necessary to have sufficient reading rights in the directories that are being scanned. If you do not have access rights to certain directories, it is not possible for Permission Analyzer to scan those directories. Check whether you have sufficient rights or log-in to another account with more rights. The account Administrator has sufficient rights in many networks.