3.1 File System Access Permissions in Identity Governance

For each Target Path defined in File Reporter, the Identity Governance File System access collector provides three permissions:

[Target Path] - Read Access
[Target Path] - Write Access
[Target Path] - Full Control

The following table shows the mapping of specific NTFS access mask flags to a corresponding generic file system access right for use with Data Access Governance.

NTFS Access Mask Flag	Data Access Governance File System Access
List Folder / Read Data	Read
Read Attributes	Read
Read Extended Attributes	Read
Read Permissions	Read
Create Files / Write Data	Write
Create Folders / Append Data	Write
Write Attributes	Write
Write Extended Attributes	Write
Delete Subfolders and Files	Write
Delete	Write
Change Permissions	Change Permissions
Take Ownership	Change Permissions
Traverse Folder / Execute File	-
Synchronize	-