Active Directory Object Permission Reporter – Delta reports show what changed

10 Jul


The new version 3.5 of Enterprise Permission Reporter now includes

  • File Security Reporting
    who has access to folders and files? What's new – which modifications are made between 2 scans
  • Active Directory Object Permission Reporting
    who has access to AD objects like OUs, users groups?  What's new – which modifications are made between 2 scans?
  • Active Directory Group Membership Watcher
    who is added or removed from a certain important group? Real-time reports.

EPR v3.5 combines basic reports which scan and document all found entries and DELTA reports which contain only the difference made.

The security administrator, the department or the group which is responsible for auditing gets only the information it needs. The IT administrators setup the software, define the policies and send the reports to the responsibles. That's all for the IT!

In this blog I describe shortly how the Active Directory Object Permission Reporting works.


The configuration of a Report Definition is devided in 5 steps.

1. General
Configure name and description.


2. Analyze
Choose an Organizational Unit or select other Active Directory objects like users, contacts, groups, mail-enabled Public Folders.


3. Storage
Running the trial you might want to store the results in your file system. In production we recommend to use a database.


4. Notification
A summary and the result of the report can be set to any recipient you want.

Vorschaubild für EPRMW04.PNG

5. Scheduling
Schedule when the report should be executed.


Leave a Reply

Your email address will not be published. Required fields are marked *