Script AD Group memberships and access rights

Posted on 2006-04-10
Last Modified: 2010-04-13
Hi there,

I need to find a way of listing all the members of my Windows 2000 active directory groups and then to scan our file, print and application servers to find out where each group has access. would anybody know of such a script or scripts? All help greatly appreciated.

Question by:invirl
    LVL 11

    Expert Comment

    Microsoft script repository to find the group memberships

    Author Comment

    thanks but that only partially (maybe 20%) answers my question. What I'm really trying to achieve here is to find out who has access where without having to manually check the file permissions on each my my shared folders. Perhaps there's an application that I'm not aware of which can do this for me?
    LVL 11

    Accepted Solution

    Yes you can view the ACLs on a the shared folders. You can do in two ways. Use CACLS.EXE or register AdsSecurity.dll and use it in vbscripts or jscripts


    For Security Descriptor:

    Look at the following technet links where you can see different commands with example code to view and modify ACLs
    To analyze the access:

    So to answer your whole question you need to write a script that reads the group memberships of a user and also find the permissions on a shared folder using above VBScript commands.

    But I don't think there is anyother tool that would read both the group memberships and also the ACLs

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Suggested Solutions

    Title # Comments Views Activity
    Question about teaming two NIC's on Server 2012 2 551
    Windows 7 7 250
    Terminal 2000 connection RDP 5 129
    Install Window 2012 Domain on 9 124
    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now