NTFS Permissions Auditor - Online Manual

Online Manual

Command-Line Tool

NTFS Permissions Auditor includes a command-line companion tool, NTFSPermissionsAuditorCmd.exe, that runs audits without the graphical interface. This is what Windows Task Scheduler calls when executing scheduled tasks, and you can also use it directly for integration with other automation tools.

Location

The command-line tool is installed in the same directory as the main application. Its full path is typically:

C:\Program Files\Albus Bit\NTFS Permissions Auditor\NTFSPermissionsAuditorCmd.exe

Command-Line Arguments

Argument Description
-t <taskId> Required. The ID of the scheduled task to execute. The task ID is shown in the task list within the application.
-d Optional. Enables debug logging for this execution. Produces detailed log files for troubleshooting.

Example:

NTFSPermissionsAuditorCmd.exe -t 3

This runs the scheduled task with ID 3, using all the settings configured for that task (profile, export format, export path, email, mode).

With debug logging:

NTFSPermissionsAuditorCmd.exe -t 3 -d

The Copy command line button in the task list view copies the exact command for the selected task to the clipboard, making it easy to use with external schedulers.

What the Command-Line Tool Does

When executed, the tool:

  1. Reads the task configuration from the SQLite database
  2. Loads the associated profile (directories, options, exclusions, authentication)
  3. Verifies the license
  4. Runs the audit against the profile’s directories
  5. Depending on the task mode:
    • Export mode: Exports results to the configured path and format, sends email if configured
    • Change Detection mode: Compares to the previous audit, exports the change report, sends email
  6. Saves task history (start/end times, errors, email sent, export path)
  7. Exits with a return code: 0 for success, 100 for failure

Console output shows progress messages: audit start/end, export start/end, email start/end, and any errors.

Logging

When debug logging is enabled (via the -d flag or the task’s “Enable debug logging” setting), log files are written to the configured log directory. The default location is:

%LOCALAPPDATA%\NTFS Permissions Auditor\logs\

Log files follow the naming pattern {date}_{level}.txt (e.g., 2026-03-30_Debug.txt). The log format includes timestamps, log levels, messages, exceptions, and logger names.

A separate log file captures Microsoft framework messages (e.g., Entity Framework queries) in {date}_MS_{level}.txt.

Tip: Enable debug logging only when troubleshooting. Debug logs can grow large on audits with many directories and are not needed for normal operations.

Using with Third-Party Schedulers

While NTFS Permissions Auditor can create Windows Task Scheduler tasks automatically, you can also invoke the command-line tool from any scheduler or automation platform:

  • Windows Task Scheduler (manual setup) — Create a task with the action set to NTFSPermissionsAuditorCmd.exe and the arguments -t <id>
  • PowerShell scripts — Call the tool with Start-Process or directly invoke the executable
  • System Center / SCCM — Deploy as a scheduled package
  • Any CI/CD or orchestration tool — Any tool that can run a Windows executable

The key requirement is that the tool must be run on a machine where NTFS Permissions Auditor is installed and the database file (%APPDATA%\ntfspa.db) is accessible to the user account running the task.

Alternative Credentials in Tasks

If the task’s profile uses alternative credentials, they must be stored in Windows Credential Manager for the user account that runs the scheduled task. If you configure the task to “Run whether user is logged on or not”, make sure the credentials are stored for that specific run-as account.

For tasks that use a command-line password parameter, the password can be passed via the profile’s command password field, which is used instead of the Credential Manager entry.

Use of this site constitutes acceptance of our Privacy Policy and EULA. Copyright © Albus Bit SIA