Look up which servers each user on a domain can access

To be more specific, I have a list of developrs in my company. I need to know which servers each developer (user) has access to on the domain(s) and what type of access they have on the server. I need to know if they have access based on a security group in their AD profile and if they have access because they have been added individually.

I am thinking that I need to search the local groups on every server on the domain(s) for the user's AD account and for a security group in the user's AD account. I have never heard of this and I want some suggestions on how to do this. Please keep in mind that I am very new to this type of work. If you suggest scripting, I have only taught myself VBScript and I am still new to it. Also, if you suggest an application, please keep the price in mind. Now, I understand there may be some better options than VBScripting or using another vendor. Although I am hesitant, I am willing to look into those options as well.
reason4xistenceAsked:
Who is Participating?
 
CurtissConnect With a Mentor Commented:
check out a product called Hyena; i think sysinterals makes it? pretty robust tool for exporting local groups, domain groups, share and folder permissions, etc.
0
 
NikSystems SpecialistCommented:
It can be really hard to found that out if you don't have any documentation for your file/system access.
How many servers are we talking about?

You can connect via Computer Management (right click on my computer --> connect to another PC) and check the local users that way.

You should also check AD group membership for each user and see their access levels to various folders.

As I said, it's a bit messy if you haven't documented this at start.
0
 
reason4xistenceAuthor Commented:
Yikes! That was not what I was hoping to hear. I am talking about hundreds of servers and thousands of security groups. If I could start creating documentation that would be great. But documentation was not done at the start. This is an impossible task to do manually as you suggested because of the volume of servers and security groups. I was hoping an application was already created to do this task.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
NikSystems SpecialistCommented:
It is probably possible to do it via VB script, but unfortunately I can't help you with that.
We have around 30 domain controllers and every single folder access is documented.
I wish I can help you more bud, 'cause this is a really big task to do :(

I'll try to google and ask my colleagues for any ideas..
0
 
reason4xistenceAuthor Commented:
Thanks!
0
 
reason4xistenceAuthor Commented:
I will look into Hyena. Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.