Solved

Active Directory Security Groups

Posted on 2014-01-21
3
288 Views
Last Modified: 2014-01-21
I have found some security groups that do not have a description on them and I am trying to figure out what some of these older ones are for. Is there a way to tell where those security groups are applied? Perhaps a powershell command or something?
I think the majority of the ones I'm looking at would give a user access to a server or PC and not so much to file shares. I just want to get this documented of who has access to what and be able to remove them if they aren't being used.


Thanks in advance.
0
Comment
Question by:Winsoup
3 Comments
 
LVL 19

Expert Comment

by:Patricksr1972
Comment Utility
Hopefully you havent got to many servers in your organisation because IMHO you need to check server by server by hand.

If best practice has been obtained you probably only need to look at the local groups on member server and check where those Global Groups are member. Once you have mapped the servers and their Local Groups HOPEFULLY there is a descryption there because else you have to go manually through all the files and folders. Wish i could be more 'nice' to you.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
Comment Utility
You can use AccessEnum, ShareEnum and AccessChk to get the information...See links below for downloads...

AccessChk

AccessEnum

ShareEnum

Will.
0
 
LVL 3

Author Closing Comment

by:Winsoup
Comment Utility
Accesschk seems to be working pretty well. Thank you.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is my first article in EE and english is not my mother tongue so any comments you have or any corrections you would like to make, please feel free to speak up :) For those of you working with AD, you already are very familiar with the classi…
Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now