• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Active Directory Security Groups

I have found some security groups that do not have a description on them and I am trying to figure out what some of these older ones are for. Is there a way to tell where those security groups are applied? Perhaps a powershell command or something?
I think the majority of the ones I'm looking at would give a user access to a server or PC and not so much to file shares. I just want to get this documented of who has access to what and be able to remove them if they aren't being used.


Thanks in advance.
0
Winsoup
Asked:
Winsoup
1 Solution
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Hopefully you havent got to many servers in your organisation because IMHO you need to check server by server by hand.

If best practice has been obtained you probably only need to look at the local groups on member server and check where those Global Groups are member. Once you have mapped the servers and their Local Groups HOPEFULLY there is a descryption there because else you have to go manually through all the files and folders. Wish i could be more 'nice' to you.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
You can use AccessEnum, ShareEnum and AccessChk to get the information...See links below for downloads...

AccessChk

AccessEnum

ShareEnum

Will.
0
 
WinsoupAuthor Commented:
Accesschk seems to be working pretty well. Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now