Using program parameters
Permission Analyzer is able to run network scans and export reports automatically. Simply use Windows Scheduled Tasks and a combination of application parameters:
Parameter | Function |
---|---|
-scan | Automatically initiate a network scan with the current configuration, after which the application closes down. Only checked directories and LDAP OUs will be scanned. Review results of an automatic scan in the status list in Scan View or via the Last_status_messages.csv file in the application directory. |
-scanDirectories | Only scans (checked) directories and files and does not change LDAP data in the database. Review results of an automatic scan in the status list in Scan View or via the Last_status_messages.csv file in the application folder. |
-scanLdap | Automatically initiates a scan of all selected LDAP OUs. Directory data in the database remains unchanged. |
-forceScanAllLdapContainers | Scans all LDAP containers in combination with the -scan parameter, even if they are unchecked. A scan will normally only scan the directories and LDAP containers that have been checked in the Scan View. |
-forceScanAllDirectoryContainers | Scans all directories in combination with the -scan parameter, even if they are unchecked. A scan will normally only scan the directories and LDAP containers that have been checked in the Scan View. |
-directory | Scans a particular directory (or server name) in combination with the -scan parameter and overrules the checkbox in the UI. A scan will normally only scan the directories and LDAP containers that have been checked in the Scan View. The directories given by this parameter must be already present in the Scan View of the application, in order to retrieve additional config like the depth. You use the directory path or server name as parameter value, for example: -directory “c:\project data” “FileServer02” “FileServer03”. |
-ldapOU | Scans a particular LDAP OU in combination with the -scan parameter and overrules the checkbox in the UI. A scan will normally only scan the directories and LDAP containers that have been checked in the Scan View. The OU’s given by this parameter must be already present in the Scan View of the application, in order to retrieve additional config like the LDAP connection. You use the base OU as parameter value, for example: -ldapOU “CN=Dev,OU=Distribution Groups,DC=gp,DC=gl,DC=mydomain,DC=com” “OU=Management,DC=mydomain,DC=com”. |
-clearData | Overrides the clear data checkbox in the Scan View and it will clear all the existing data from the database before starting a new scan. This parameter is used in combination with the -scan parameter. |
-password | If the application is secured with a password, than this parameter, combined with a scan or report parameter, can be used to initiate the application. |
-report | Exports a specific report (by name) and can include sending out an e-mail notification. Multiple reports can be exported by inputting the several reports: -report “All permissions for John Doe” “All explicit permissions in the projects folder”. |
-allReports | Exports all reports and sends out all required e-mails if that option has been enabled for a report. Export files are automatically overwritten. |
-policy | Runs a specific policy (by name) and can include sending out an e-mail notification. Multiple policies can be exported by inputting several policies. |
-allPolicies | Runs all policies. |
-data | Overrules the default workspace folder that holds all the application preferences. You can create different configurations (domain settings, credentials, OU’s and folders to scan, database path) by specifying another workspace location. For example: Permission Analyzer.exe -data “c:\workspaces\customerA” |