Authorization analysis

The authorization analysis offers migRaven administrators detailed insights into compliance with Microsoft best practices for NTFS permissions on your imported IT resources. Quickly and easily discover where permissions are tiered too deeply (beyond three levels), where permission inheritance has been broken, or where users have received permissions directly. This information is essential if you plan to restructure your file servers or clean up your Active Directory.

This analysis stands by default only migRaven-Administrators are available, as in-depth knowledge of authorization management is required. migRaven is designed to be role-based so you can help others user roles Grant or revoke additional features or access rights.

After your Active Directory and file server resources are through migRaven were scanned, visualizes the Authorization analysis in migRaven.24/7 the authorization situation on the selected resource is very clear.

To start an authorization analysis (see screenshot):

  1. Open the migRaven.24/7 web client.
  2. Navigate to using the menu Resource analysis.
  3. Choose the Authorization analysis .
  4. In the drop-down menu, select the file server resource you want to analyze.
  5. Start the analysis by clicking Start query.
Click on the image to see the original size.


This bar chart gives you an initial overview of how deep permissions have been assigned in your system (6). According to Best practices It is recommended not to grant permissions lower than the third level. Authorizations that go beyond this are often the result of outdated structures in historically grown IT environments.

Click on the image to see the original size.


To the right of the bar chart you will find a detailed breakdown showing how many directories and permissions were analyzed. These are listed under point (7) with the following values:

  • Directories with permissions that are too low
  • Overall, explicitly assigned rights
  • Different rights, including inherited rights
  • Entire directories (including empty folders)
  • Lowest directory level with explicit rights
  • Average authorization level

Click on the image to see the original size.


At the bottom of the Best Practice Analysis page you will find additional analyzes (see point 8). These are described in detail to give you a deeper understanding of the specific permission configurations in your system.

To identify areas where permission inheritance has been broken, we recommend doing an Excel export (9) of your data. In the Excel spreadsheet, filter for “Inheritance break – YES” (point 10). This will show you the specific paths (11) where there are breaks in inheritance.

Click on the image to see the original size.

Example of the Excel report:


In addition, the export offers a variety of other analyses.

Permanent link to this post: https://help.migraven.com/analyse-der-gescannten-daten/