Can I query Windows 2003 AD Server to get all users and what permissons they have?

Can someone assist me in querying my server for all users and what permissions they have?

Who is Participating?
This is a multiple problem. Users can be in groups, that in turn have access to NTFS folder, and other AD objects. So, it is hard to see EVERYTHING they have access to.
You would have to have a dump of folder permissions, and compare.. if you want to know what files they have access to.
From the AD side, is possible to dump access list info. I can't recall exact methods I've used.

Check out this tool (DumpSec):
Michael KnightCommented:
CSVDE will export a spreadsheet with more info than you'd like to know about your AD: 
Absolutly CSVDE is the best way.
Michael KnightCommented:
Yes, DumpACL/DumpSec should give you registry level and file level Access Lists.
rbondsAuthor Commented:
Great utility! Thanks for the insight.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.