Feedback and features

November 1, 2015

Feedback and features

Permission Analyzer 2.0 has been released and we are very much interested in your feedback. Feel free to add comments about the usability, features, findings or any interesting results you have achieved using the application.

The next upcoming features will focus on audit reports about your network. A dashboard will display some interesting statistics, like the percentage of explicit user permissions, number of group memberships, potential security leaks and many more. Export to PNG or JPG will be supported to include audit results in your own customer report. Please add a comment if you have any interesting statistics in mind!

Permission Analyzer is based on Java and can work on any operating system that supports Java. The scan process of Permission Analyzer requires a Windows machine, but once the scan has been done (from for example the domain controller) and the external database has been filled, you can use any workstation to create the overviews and exports. Permission Analyzer supports many databases to share the scan results between clients. The application has only been tested on a Windows client, but in the near future we will perform the first tests on Linux and OS X.


  1. Anders

    The tool is great, it was a little tricky to understand at first but then it worked fine.

    The reports seemed great too.

  2. Joseph

    The tool does seem like it is helpful on our network. We have a lot of permissions setup for individual users rather than groups and it looks like Permissions Analyzer will help us identify exactly where the permissions are coming from and allow us to get more control over the access.

  3. Tom Crilly

    I was interested in knowing if the program singles out Groups and analyzes their permissions in relation to the rest of the Organisational Unit.

    • perdemia

      Hello Tom,

      You can select an OU as filter, that way Permission Analyzer will aggregate all permissions of every member in the OU, including their group membership(s). In this aggregated list of permissions (the directory tree in the application) you can zoom in on specific folders and members to see where the permissions come from.

  4. Christian Kinsey

    Is it Possible to include/list the Member of the Groups in the HTML Report. Example: Group “Eval” Containts User “User1, User2, User3”

    • perdemia

      Hi Christian,

      The HTML report has no option to expand group members, yet. The point is that in most cases the report will contain so many members that it becomes quite useless (imaging expanding the group Domain Users for every folder in your report). On the other hand, if your report contains really focussed filters, it might be useful. You are not the first one asking for this feature so it will be implemented in the tool. I will keep you posted about the progress. At this moment you can view the members of a group in the application (in the ACL View). In this dialog you can search and view nested group memberships. If you are interested in the members of a particular group, you can also add the group to the filter “All members from group or OU”. When you create a Trace Permissions report it will show the permissions for all members from that group.

  5. David

    I’ve been experimenting with the custom templates trying to figure out how to export display names, in addition to MYDOMAIN\jdoe [John Doe]. The default format is fine for me, but can be a little overwhelming for department directors to look through to see who has access to their folders, preferably the display name would have its own column. I have little experience with PowerShell and even less with Java Script, so far I’ve tried to add the [displayName] to the end of the list in the CSV with a matching Name field, but it only repeats the “[displayName]” instead for the name column.

    It would great if you could choose what fields would be exported on more of a granular level instead relying on templates.

    • perdemia

      Hi David,

      Great to hear that you are using custom report templates. Your placeholder [displayName] was repeated in the output because the application did not support a placeholder with that name. We have made an update to support a dedicated placeholder for the displayname. The update is online (check for updates in the Help menu) and you can now use the placeholder [memberDisplayName] in the report templates. You can either replace the placeholder [memberName] in the current HTML template by the new placeholder [memberDisplayName] or we can add a new column for you in a custom template, no problem.

  6. Arturs

    Just downloaded it and started to test. Unfortunatly it seems that the 32bit version has an issue – it does not start at all. Or am I missing something?

    The 64bit is working fine. I just have a 32bit file server and would like to run the tool directly on the server directories and not the shares.

    • perdemia

      Hello Arturs,

      Thank you for your feedback. We have added a setting in the file “Permission Analyzer.ini” recently to configure the maximum amount of memory that can be taken by the application. It seems that the 32-bit version of the application will sometimes break on this setting. You can modify the file Permission Analyzer.ini and change the last line “-Xmx2g” into “-Xmx1400M” (in case of the 32-bit application version).

      The download on the website has been updated.

      Let me know if you need any help configuring the application!

Leave a reply

You must be logged in to post a comment.

Forgot password?

(*) Required fields

I agree with OptimaSales Terms & Privacy Policy