Freeware and Plugins

Freewaregruppe Monitoring/Nagios-Plugins

check_ntfs_permissions

Windows-Plugin:

Windows-Plugin: checks given NTFS Permissions on Windows systems based on information file

Download of this plugin only by mail request, please contact Support.

Description

check_ntfs_permissions is a Windows-Plugin for Monitoring-Systems, which check NTFS Permissions on Windows systems (idea: kind of Health-Check for permissions, which are once set and should not be changed without notifying an administrator).

Requirements

Windows Server 2003 R2 or newer
Configurationfile permissions.conf

Documentation

Usually, this plugin is called without parameters.

C:> check_ntfs_permissions.exe

It can be used on english or german Windows OS.

Installation

Given permissions has to be read once to write them as hashes into the config file.
Executing the Plugin will read this config file and compares every hash with the permissions found in NTFS.
If comparison signals changes, they will errorlevel CRITICAL afterwards.

Config file permissions.conf looks like this:

<Path> = MD5-Hash

Hints:
if you are checking permissions on files or directories which have inherited rights, you must run the NSClient++ service in Usercontext!
Usually NSClient++ services runs in SYSTEM context.

The config file has to be protected against manipulation, esp. by users trying to change the hashes.

Preferably the plugin is copied into the script directory where you will store your checks under Windows

When using NSClient ++ an entry in NSC.INI similar to this is generated and pointing to the check-plugin:

additionally the config file and its sample content:

C:> type c:\nsclient++\scripts\permissions.conf

The examples show some directorynames, which are written in its shortform – this is due to the fact, that we are using german Umlaute for it:
KONSTR~1 (for Konstruktionspläne), GESCHF~1 (for Geschäftsführung), NETZPL~1 (for Netzpläne) ect.

Configuration of the config file permissions.conf

Manual changes on config file:

– if you have to extend the config file just write an additional path with tailing equal sign.
Afterwards execute the plugin again, it will recognize the new path, read the NTFS permissions and write them as new hashes in the config file:

NTFS_Permissions OK: Folder checked: 1, Folder unchanged: 1, Folder changed: 0 – Permissions on folder C:\Temp\Testordner saved.

– if you need to change permissions: just delete the hash AND the equal sign after the path and execute the check again:

C:> check_ntfs_permissions.exe

OK: Folder checked: 29, Folder unchanged: 29, Folder changed: 0 – Permissions on folder E:\Server Ordner\Zeiterfassung saved.

– if you have to delete a check for a given line: just delete the whole line in the config file and execute the plugin again:

NTFS_Permissions OK: Folder checked: 28, Folder unchanged: 28, Folder changed: 0

For information on the plugin and its usage you can call it with the help command:

C:> check_ntfs_permissions.exe help

For debugging purposes, it may also be called with a more detailed output option (this mode is not suitable for continuous operation, but for testing purposes only).
Afterwards it will output the detailed status of the individual components:

C:> check_ntfs_permissions.exe debug

Examples

Check of several Directories, things are fine:

C:> check_ntfs_permissions.exe

NTFS_Permissions OK: Folder checked: 29, Folder unchanged: 29, Folder changed: 0

Checking permissions on Directories, permissions have changed, comparison to config file :

C:> check_ntfs_permissions.exe

NTFS_Permissions CRITICAL: Folder checked: 30, Folder unchanged: 29, Folder changed: 1 – Permissions on folder C:\Temp\Testfolder changed.

Changelog

2014-12-04
1.3 – Use long directorynames

2014-10-11
1.2 – Support for german Umlaute in directorynames

2014-06-07
1.1 – Support for .Net 3.5

2013-29-07
1.0 – First version

Copyright

check_ntfs_permissions is licensed under the GNU General Public License.

Autor

Joachim Luft will answer your questions to this plugin and is happy about your donation.

Freeware name

check_ntfs_permissions

  • System: Nagios Plugins and Addons
  • Date: 02.March 2017
  • Author: Joachim Luft
  • Version: 1.3

Category: Monitoring/Nagios-Plugins

Tags: Windows-Plugin