<div>
<a href="http://itknowledgeexchange.techtarget.com/itanswers/managing-orphaned-sids-on-ad-objects/" rel="ugc">http://itknowledgeexchange.techtarget.com/itanswers/managing-orphaned-sids-on-ad-objects/</a> - Uses groups instead of users to prevent orphans.<br />
<br />
<a href="http://support.microsoft.com/kb/243330" rel="ugc">http://support.microsoft.com/kb/243330</a>&nbsp;- Well known sids in Windows<br />
<br />
<a href="http://www.scriptinganswers.com/forum2/forum_posts.asp?TID=1501" rel="ugc">http://www.scriptinganswers.com/forum2/forum_posts.asp?TID=1501</a>&nbsp;- Script to find orphaned Sids in AD<br />
<br />
HTH<br />
<br />
Viper640
</div>


http://itknowledgeexchange.techtarget.com/itanswers/managing-orphaned-sids-on-ad-objects/ [http://itknowledgeexchange.techtarget.com/itanswers/managing-orphaned-sids-on-ad-objects/] - Uses groups instead of users to prevent orphans.

http://support.microsoft.com/kb/243330 [http://support.microsoft.com/kb/243330] - Well known sids in Windows

http://www.scriptinganswers.com/forum2/forum_posts.asp?TID=1501 [http://www.scriptinganswers.com/forum2/forum_posts.asp?TID=1501] - Script to find orphaned Sids in AD

HTH

Viper640

<div>
do i run the script on the domain controller?
</div>


do i run the script on the domain controller?

<div>
yes, it's a vb script. so copy to a notepad and save as a vbs ext and run it.
</div>


yes, it's a vb script. so copy to a notepad and save as a vbs ext and run it.

<div>
is there a way to look at the script? it does not open in notepad like other vbs'. 
</div>


is there a way to look at the script? it does not open in notepad like other vbs'.

<div>
<div class="content wysiwyg-content">
when looking at permissions for groups and files, from time to time i run accross some orphaned SIDs. is there a way to identify the orphaned SIDs to delete? how should these be handled?
</div>
</div>


when looking at permissions for groups and files, from time to time i run accross some orphaned SIDs. is there a way to identify the orphaned SIDs to delete? how should these be handled?

identifying orphaned SIDs

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.