Solved

Look up which servers each user on a domain can access

Posted on 2009-04-09
7
282 Views
Last Modified: 2013-12-24
To be more specific, I have a list of developrs in my company. I need to know which servers each developer (user) has access to on the domain(s) and what type of access they have on the server. I need to know if they have access based on a security group in their AD profile and if they have access because they have been added individually.

I am thinking that I need to search the local groups on every server on the domain(s) for the user's AD account and for a security group in the user's AD account. I have never heard of this and I want some suggestions on how to do this. Please keep in mind that I am very new to this type of work. If you suggest scripting, I have only taught myself VBScript and I am still new to it. Also, if you suggest an application, please keep the price in mind. Now, I understand there may be some better options than VBScripting or using another vendor. Although I am hesitant, I am willing to look into those options as well.
0
Comment
Question by:reason4xistence
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Nik
ID: 24109816
It can be really hard to found that out if you don't have any documentation for your file/system access.
How many servers are we talking about?

You can connect via Computer Management (right click on my computer --> connect to another PC) and check the local users that way.

You should also check AD group membership for each user and see their access levels to various folders.

As I said, it's a bit messy if you haven't documented this at start.
0
 

Author Comment

by:reason4xistence
ID: 24109876
Yikes! That was not what I was hoping to hear. I am talking about hundreds of servers and thousands of security groups. If I could start creating documentation that would be great. But documentation was not done at the start. This is an impossible task to do manually as you suggested because of the volume of servers and security groups. I was hoping an application was already created to do this task.
0
 
LVL 17

Expert Comment

by:Nik
ID: 24109905
It is probably possible to do it via VB script, but unfortunately I can't help you with that.
We have around 30 domain controllers and every single folder access is documented.
I wish I can help you more bud, 'cause this is a really big task to do :(

I'll try to google and ask my colleagues for any ideas..
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:reason4xistence
ID: 24110090
Thanks!
0
 
LVL 2

Accepted Solution

by:
Curtiss earned 500 total points
ID: 24120863
check out a product called Hyena; i think sysinterals makes it? pretty robust tool for exporting local groups, domain groups, share and folder permissions, etc.
0
 

Author Comment

by:reason4xistence
ID: 24196857
I will look into Hyena. Thanks.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. This article shows how to create one of these functions to write directly to Azure Table Storage.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question