Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Can I query Windows 2003 AD Server to get all users and what permissons they have?

Posted on 2010-09-17
5
Medium Priority
?
404 Views
Last Modified: 2012-05-10
Can someone assist me in querying my server for all users and what permissions they have?

Thanks
0
Comment
Question by:rbonds
5 Comments
 
LVL 9

Expert Comment

by:Michael Knight
ID: 33702271
CSVDE will export a spreadsheet with more info than you'd like to know about your AD:
http://www.computerperformance.co.uk/Logon/Logon_CSVDE_Export.htm 
0
 
LVL 3

Expert Comment

by:latchways
ID: 33702338
Absolutly CSVDE is the best way.
0
 
LVL 12

Accepted Solution

by:
FDiskWizard earned 2000 total points
ID: 33702399
This is a multiple problem. Users can be in groups, that in turn have access to NTFS folder, and other AD objects. So, it is hard to see EVERYTHING they have access to.
You would have to have a dump of folder permissions, and compare.. if you want to know what files they have access to.
From the AD side, is possible to dump access list info. I can't recall exact methods I've used.

Check out this tool (DumpSec):
http://www.systemtools.com/somarsoft/?somarsoft.com
0
 
LVL 9

Expert Comment

by:Michael Knight
ID: 33702607
Yes, DumpACL/DumpSec should give you registry level and file level Access Lists.
0
 

Author Closing Comment

by:rbonds
ID: 33702905
Great utility! Thanks for the insight.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question