Direct permissions are inefficient because users need to be managed individually. They should be avoided and replaced with group permissions. 8MATE Clean! identifies all direct permissions on you file servers and turns them into group memberships.
This has the following advantages:
Direct permissions cause unresolved SIDs wehen user accounts are deleted. These can then be used by other users to gain unauthorized access to sensitive data. Direct permissions also increase the length of the ACL on your file server and consequently the time needed to verify whether a user will get access to the requested resource.
If access should be removed for accounts with direct access, then we recommend deleting all direct permissions.
8MATE Clean! is managed and operated by our experienced System Engineers.
Contact us for more information: firstname.lastname@example.org