AgentFS Scan Capabilities

Server Platform and NAS Device Support

The following Windows platforms are supported as server hosts for scan targets.

Server Platform	Scan Type
Windows Server 2022 Windows Server 2019 Windows Server 2016	Local Scan Proxy Scan
Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 Windows Server 2008	Proxy scan only

Server Platform

Scan Type

Windows Server 2022
Windows Server 2019
Windows Server 2016

Local Scan

Proxy Scan

Windows Server 2012 R2
Windows Server 2012
Windows Server 2008 R2
Windows Server 2008

Proxy scan only

Older systems such as Windows Server 2003 or 2003 R2 may work but are not supported as scan target hosts.

The following Network Attached Storage (NAS) devices are supported as hosts for scan targets.

NAS Device	Scan Type
NetApp Filer with OnTAP 9.x PowerScale (formerly Isilon) OneFS 9.x	Proxy scan only

NOTE: Older versions of NetApp OnTAP and Isilon OneFS may work but are not supported.

NOTE: Other NAS devices not listed here might work with limited support if running a vendor-supported version of the device and management software.

File System Feature Support

The following table lists the file system scanning capabilities of File Reporter.

Feature	NTFS	ReFS
File Name / Extension
File Size
File Sparse Size
File Compressed Size
File Size on Disk ¹
Create Time
Modify Time
Access Time
Directory Quota ²
Owner
Encrypting File System (EFS)

File size-on-disk calculations default to an assumed 4 KB block size in cases where AgentFS cannot retrieve the actual allocation size.
Directory Quotas are only available on Windows 2008 R2 and later servers, and only if the File Server Resource Manager (FSRM) Role has been installed.

Security Scans

Windows Component	Supported	Notes
Share Permissions
Security Descriptors		Includes the DACLs, owner, and all ACE and security descriptor flags. However, only security descriptors for folders are currently collected. Additionally, deny ACEs are not factored into calculations for Permission by Identity or Permission by Path reports.
Universal Security Groups
Global Security Groups
Local Security Groups		The local security groups themselves are collected, but group memberships for local security groups are not currently processed.
Nested Group Memberships		Nested group membership is collected as a flat list of all intermediate and leaf groups, users, and other security principals. The hierarchy of group nesting is not currently preserved.
Primary Groups
Local Security Authority (LSA) Privileges		LSA privileges are not currently collected.

Other Microsoft Supported Features

Multiple domains in a single forest
Distribute File System (DFS) running in domain-based mode

Current Limitations

No scanning of workstations
No scanning for standalone servers
No support for Distributed File System (DFS) in standalone mode
No support for Single Label Domains
No support for FAT or FAT32 file systems
No support for Trusted Forests