Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Active Directory Security Groups

Posted on 2014-01-21
3
291 Views
Last Modified: 2014-01-21
I have found some security groups that do not have a description on them and I am trying to figure out what some of these older ones are for. Is there a way to tell where those security groups are applied? Perhaps a powershell command or something?
I think the majority of the ones I'm looking at would give a user access to a server or PC and not so much to file shares. I just want to get this documented of who has access to what and be able to remove them if they aren't being used.


Thanks in advance.
0
Comment
Question by:Winsoup
3 Comments
 
LVL 20

Expert Comment

by:Patrick Bogers
ID: 39798089
Hopefully you havent got to many servers in your organisation because IMHO you need to check server by server by hand.

If best practice has been obtained you probably only need to look at the local groups on member server and check where those Global Groups are member. Once you have mapped the servers and their Local Groups HOPEFULLY there is a descryption there because else you have to go manually through all the files and folders. Wish i could be more 'nice' to you.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39798126
You can use AccessEnum, ShareEnum and AccessChk to get the information...See links below for downloads...

AccessChk

AccessEnum

ShareEnum

Will.
0
 
LVL 3

Author Closing Comment

by:Winsoup
ID: 39798307
Accesschk seems to be working pretty well. Thank you.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question