?
Solved

Active Directory Security Groups

Posted on 2014-01-21
3
Medium Priority
?
299 Views
Last Modified: 2014-01-21
I have found some security groups that do not have a description on them and I am trying to figure out what some of these older ones are for. Is there a way to tell where those security groups are applied? Perhaps a powershell command or something?
I think the majority of the ones I'm looking at would give a user access to a server or PC and not so much to file shares. I just want to get this documented of who has access to what and be able to remove them if they aren't being used.


Thanks in advance.
0
Comment
Question by:Winsoup
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39798089
Hopefully you havent got to many servers in your organisation because IMHO you need to check server by server by hand.

If best practice has been obtained you probably only need to look at the local groups on member server and check where those Global Groups are member. Once you have mapped the servers and their Local Groups HOPEFULLY there is a descryption there because else you have to go manually through all the files and folders. Wish i could be more 'nice' to you.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 39798126
You can use AccessEnum, ShareEnum and AccessChk to get the information...See links below for downloads...

AccessChk

AccessEnum

ShareEnum

Will.
0
 
LVL 3

Author Closing Comment

by:Winsoup
ID: 39798307
Accesschk seems to be working pretty well. Thank you.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month13 days, 10 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question