Solved

Active Directory Security Group

Posted on 2010-11-11
6
369 Views
Last Modified: 2013-12-04
Do you know of any tool or way that will help me resolve an AD group to its Folder? Ie: I have the Active Directory Group, but the description is blank and would like to know which Folder it corresponds to.

To explain abit further: I have AD Groups that I have no idea what they do. I'm pretty sure that they are giving permissions to specific folders on the network and would like to find out which folder on the network the AD group corresponds to.

Thanks.
0
Comment
Question by:bge01
6 Comments
 
LVL 9

Expert Comment

by:x3man
ID: 34110332
0
 
LVL 2

Assisted Solution

by:gentle0000
gentle0000 earned 166 total points
ID: 34110394
Hi,

When you apply permissions to a network resource, you store the AD SID of that user or group to the NTFS File System of the machine which has the specific network resource. (i.e. Share Folder).

There is nowhere on the AD Database where it is stored where that SID was used and if you think it well there is no reason that it should be, because that information wouldn't be accurate.

So the answer to your question is that there is no way to find that kind of information with that way.
You will have to try a different approach.
Try to find a program that exports the NTFS permissions and then check the groups used manually.

With Regards,

0
 
LVL 27

Accepted Solution

by:
KenMcF earned 168 total points
ID: 34110417
If this is multiple servers it will be a little hard, you could use a product like security explorer

http://www.scriptlogic.com/products/security-explorer/


Another thing you can do is change the security group to a distribution group. Find out what they loose access to, if needed you can switch back to a security group and they will get all the permissions back becuase to group will still keep the SID.
0
 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 166 total points
ID: 34110612
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34700104
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question