Re: Show NTFS Security Error

When users or groups are deleted from AD, Windows doesn't go through the file and directory ACLs to remove any entries for that user or group. That error is simply indicating that a user or group in the ACL for that object no longer exists. There is an option to stop displaying those errors.

Re: Show NTFS Security Error

I know, but there is no other result in the right windows of any other user or group.

Re: Show NTFS Security Error

The only thing I can think of is if you have something in the box at the bottom to Only show security information for this user/group. Verify that it is empty. Actually, I just did a test and see that if you enter a space it will fail to find anything, so make sure if you don't see anything there that there isn't a space.

Re: Show NTFS Security Error

The box at the bottom is completly empty.
I did the same report with the trial version and it worked fine. So I bought a license now, reinstalled the software and now it doesn't work.

Re: Show NTFS Security Error

Send screenshots showing how you are getting to this point and any additional information you can provide to [email protected] so we can see what you are doing.

Re: Show NTFS Security Error

This error appears when Windows can't determine the user/group that is associated with a SID. Windows only stores a SID for all security information, so when scanning files and folders for NTFS security information, an application has to request to Windows that the SID be converted into a text representation of the actual user or group. If this function fails, then you will see the error that you are seeing.

One example of a way to usually create this error is to look at the security of a directory on a remote server, but be logged in locally to a client computer. By logging in locally, Windows usually won't be able to know where the security information is maintained and won't be able to resolve the SID. The function used by Hyena and Exporter Pro is 'LookupAccountSID'. The steps taken by this function (from Microsoft's docs) is:

"The LookupAccountSid function attempts to find a name for the specified SID by first checking a list of well-known SIDs. If the supplied SID does not correspond to a well-known SID, the function checks built-in and administratively defined local accounts. Next, the function checks the primary domain. Security identifiers not recognized by the primary domain are checked against the trusted domains that correspond to their SID prefixes.

If the function cannot find an account name for the SID, GetLastError returns ERROR_NONE_MAPPED. This can occur if a network time-out prevents the function from finding the name. It also occurs for SIDs that have no corresponding account name, such as a logon SID that identifies a logon session.

In addition to looking up SIDs for local accounts, local domain accounts, and explicitly trusted domain accounts, LookupAccountSid can look up SIDs for any account in any domain in the forest, including SIDs that appear only in the SIDhistory field of an account in the forest. The SIDhistory field stores former SIDs of an account that has been moved from another domain. To look up a SID, LookupAccountSid queries the global catalog of the forest."

Re: Show NTFS Security Error

And whats the result for my case?
I need a report which ad-group has rights on which directory on the fileserver. Should I install Hyena on the domaincontroller?

Re: Show NTFS Security Error

From your screenshots I would assume the problem is due to using the Directory Path object. Using your domain object, drill down to this same server, expand it and go through Shares to this same directory. See if it works for you that way.

Re: Show NTFS Security Error

Yes, that works.
Thank you!