As you’ve probably guessed from the title, the next tool I’m going to be releasing is a permissions reporting tool for Active Directory. It will be similar in concept to my NTFS Permissions Reporter tool, but obviously instead of reporting on file system permissions it will report on permissions assigned to objects in AD (e.g who can modify which properties of which user accounts, OUs, etc etc).
As always I’m aiming to make this tool as easy to use and intuitive as possible, whilst also providing enough features and flexibility to make it really useful for more advanced scenarios. So you’ll be able to just see a simple summary of who has access to which OUs etc, but you’ll also be able to perform more advanced queries that find specific permissions (all the way down to reading/writing specific LDAP attributes) or for example find all objects that are not inheriting permissions from their parent OU. There will also be a command line version included to allow the creation of automated tasks that produce AD permissions reports and export them to file or email them to you.
EDIT: If you’re interested in this tool, if you could also check out this new post asking for feedback on which features you’d like to see in the first release that would be great.
I don’t have any screenshots yet as I’ve been focusing on the core functionality and not done much work on the GUI yet, but I’ll post another entry on this blog as soon as I do have some BETA screenshots and a release date. As with all of my other tools there will be a free edition which will be completely free for personal or commercial use, and a standard edition which will be paid for (prices TBA along with the release date) and will include extra features such as the command line module mentioned above.