• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1132
  • Last Modified:

LDAP query for Security group NTFS permissions

We currently have 1 domain running server 2003. Is there i way i can query a security group and it's permissions to all folder within the domain?
0
derekjr
Asked:
derekjr
  • 2
1 Solution
 
oBdACommented:
LDAP is just the directory service for your AD; it does neither know nor care about where the groups and users have permissions.
To create more or less concise reports for security, try one of these:
SystemTools/Somarsoft (my favorite tool):
* DumpSec (http://www.systemtools.com/somarsoft)
Or these tools from Sysinternals:
* AccessEnum (http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx)
* AccessChk (http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx)
* ShareEnum (http://technet.microsoft.com/en-us/sysinternals/bb897442.aspx)
Or this one from Scriptlogic:
* Security Explorer (http://www.scriptlogic.com/products/securityexplorer/)
0
 
derekjrAuthor Commented:
So i would have to run DumpSec on every file server we have?

0
 
oBdACommented:
Yes; NTFS, share, and other permissions are always a part of the host on which the share resides.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now