I want to build a security report that lists what directories and files a specified user account has access to by NTFS permission level (Read, Change, Full Control, etc.).
I am looking at running a scripted input using MS Powershell. Is this the right approach?
"Best" is very subjective. If you can build a scripted input using Powershell that tells you what to you want to know, then that should work fine.
As I understand your requirement, you're not looking to index audit data (as in who accessed which file when), but rather who, based on permissions, has the potential to access. You might be able to do this simply by running xcacls or a similar NTFS permissions dumptool -- but a powershell script could be more robust.
Ultimately, you may need a small amount of python glue to launch your powershell script, but this should work.
"Best" is very subjective. If you can build a scripted input using Powershell that tells you what to you want to know, then that should work fine.
As I understand your requirement, you're not looking to index audit data (as in who accessed which file when), but rather who, based on permissions, has the potential to access. You might be able to do this simply by running xcacls or a similar NTFS permissions dumptool -- but a powershell script could be more robust.
Ultimately, you may need a small amount of python glue to launch your powershell script, but this should work.