Solved

Active Directory Security Group

Posted on 2010-11-11
6
374 Views
Last Modified: 2013-12-04
Do you know of any tool or way that will help me resolve an AD group to its Folder? Ie: I have the Active Directory Group, but the description is blank and would like to know which Folder it corresponds to.

To explain abit further: I have AD Groups that I have no idea what they do. I'm pretty sure that they are giving permissions to specific folders on the network and would like to find out which folder on the network the AD group corresponds to.

Thanks.
0
Comment
Question by:bge01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Expert Comment

by:x3man
ID: 34110332
0
 
LVL 2

Assisted Solution

by:gentle0000
gentle0000 earned 166 total points
ID: 34110394
Hi,

When you apply permissions to a network resource, you store the AD SID of that user or group to the NTFS File System of the machine which has the specific network resource. (i.e. Share Folder).

There is nowhere on the AD Database where it is stored where that SID was used and if you think it well there is no reason that it should be, because that information wouldn't be accurate.

So the answer to your question is that there is no way to find that kind of information with that way.
You will have to try a different approach.
Try to find a program that exports the NTFS permissions and then check the groups used manually.

With Regards,

0
 
LVL 27

Accepted Solution

by:
KenMcF earned 168 total points
ID: 34110417
If this is multiple servers it will be a little hard, you could use a product like security explorer

http://www.scriptlogic.com/products/security-explorer/


Another thing you can do is change the security group to a distribution group. Find out what they loose access to, if needed you can switch back to a security group and they will get all the permissions back becuase to group will still keep the SID.
0
 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 166 total points
ID: 34110612
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34700104
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question