Buy

Active Directory ACL Analyzer

Analyze Active Directory access control lists (ACLs) at a button's touch.

"We are very pleased to see Paramount Defenses, a valued Microsoft partner, offer an innovative security solution (in Gold Finger) that helps enhance security and compliance in Active Directory environments."

Charles Coates, Senior Product Manager      
Identity and Security Business Group

Microsoft Logo
Active Directory ACL Analyzer

Active Directory ACL Analyzer

Active Directory Expert

Overview

Organizations often need to be able to easily view, sort and analyze access control lists (ACLs) that protect the entirety of their Active Directory contents, such as to analyze the ACL protecting the domain root, the Domain Admins group etc.

Active Directory ACL Analyzer is a specialized audit tool designed by former Microsoft Program Manager for Active Directory Security to help IT groups and personnel easily, instantly and trustworthily fulfill this need.

It automates the retrieval and display of a complete, detailed, fully-sortable view of the ACL of any Active Directory object, with individually sortable columns for all permission, type and inheritance fields, all at the touch of a button.


Features

Complete Active Directory ACL Analysis
Complete, Detailed ACL Analysis

Fully sortable and easily analyzable Active Directory ACL views

Fully Sortable Active Directory ACL
Fully Sortable by Individual Permissions

Fully-sortable view, with individual permissions in unique columns

Active Directory ACL Owner and Count
Ownership and Permission Count

Easily identify the object's owner, and the number of ACEs in the ACL

Active Directory SACL Analysis
AD SACL Analysis

View, analyze and export Active Directory SACLs that control auditing

Active Directory ACL and SACL Export
ACL and SACL Export

Instantly export the ACL and SACL protecting any Active Directory object

Technical Summary

Technical Summary

Active Directory ACL Analyzer retrieves and provides a rich, detailed, fully-sortable view of the access control list of any Active Directory object, including dissecting the permissions and inheritance field into individually sortable columns, thus making it really easy for IT personnel to analyze Active Directory ACLs.

Benefits
Easily Analyze Active Directory ACLs
Easily Analyze Active Directory ACLs

Analyze the ACL of any Active Directory object at a button's touch

Instantly Analyze Active Directory ACLs
Instantly Analyze Active Directory ACLs

Obtain a complete view of any Active Directory object's ACL in seconds

Real-time Active Directory ACL Analysis
Real-time Active Directory ACL Analysis

Analyze any Active Directory object's ACL before and after a change

Zero Requirements
Zero Requirements

Perform audits without requiring admin rights, agents or services

Made in USA
Peace of Mind

Have peace of mind knowing you're using a trustworthy tool made in USA

Example Reports

The following real-world examples illustrate the Active Directory ACL Analyzer's capabilities -

  • View the ACL protecting the domain root object in complete detail to identify who has the Get Replication Changes All extended right.
  • Easily view and analyze the ACL protecting the AdminSDHolder object to enumerate all security principals for whom access specified.
  • Identify every permission in the ACL on the built-in Administrators group object that grants Write-Property - Member permissions.
  • Export/dump the ACL of the Enterprise Admins security group object to furnish it as evidence for a regulatory compliance report.
  • Identify every permission in the ACL on the top-level Corporate OU object that grants a user or a group Create Child permissions.
  • Enumerate the list of all security permissions in the ACL of the Help Desk Operators object that are Explicit in nature.
  • Identify all security permissions in the ACL protecting the CEO's domain user account object that Deny access.
  • View and analyze the ACL protecting the root object of the Configuration partition.
  • Identify all inherited security permissions in the ACL protecting the CFO's domain user account object.
  • Identify all security permissions that grant generically or specifically grant extended rights on a critical domain user's account.
We Care Deeply

Requirements and Licensing

Active Directory ACL Analyzer can be instantly downloaded, installed and run on any Windows computer. Its use does not require any admin privileges, any changes to or any knowledge of Active Directory.

The tool is licensed on a subscription model, and can be licensed on a monthly, quarterly or annual basis.

"We use the Gold Finger from Paramount Defenses to fulfill our Active Directory Audit needs. It saves us a lot of time and effort and we would recommend it to anyone who needs to perform Active Directory audits trustworthily and cost-effectively. Great product, great support."

Sean Seeliger, Architect

Ask a Question

Ask a Question
Download Free Version

Download Free Version
Buy a License

Buy a License

Our Global Customers

  • Australian Government
  • United States Treasury
  • British Government
  • Government of Canada
  • British Petroleum
  • Ernst and Young
  • Saudi Arabian Monetary Agency
  • Juniper Networks
  • U.S. Department of Defense
  • Microsoft Corporation
  • United Nations
  • Quantium
  • Nestle
  • IBM Corporation
  • U.S. Federal Aviation Administration
  • Columbia University

Privileged Access Assessment Innovation

Privileged Access Assessment Innovation

Privileged Access Assessment Tooling

Privileged Access Assessment Tooling

Privileged Access Assessment Service

Privileged Access Assessment Service

Your Privacy

We use cookies to provide you the best online experience. Please let us know if you accept these cookies.