?
Solved

Windows 2003 -- Active Directory "Group" report ?

Posted on 2014-12-10
2
Medium Priority
?
115 Views
Last Modified: 2014-12-23
I plan to trash my entire Windows 2003 AD
and create a brand new Windows 2012 AD since
lots has changed and I want to only bring
over the needed items for the 100 users.

 1. Has anyone else trashed an entire DC and rebuilt it ?
 2. How can see something like the below on ONE report ?

--------------------------------------------------------------

GROUP_AC1_RW
  John Doe
  Jane Doe
  Barb Smith

GROUP_AC1_RO
  John Smith
  Jane Smith
  Barb Doe

etc .......
0
Comment
Question by:finance_teacher
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 40492001
As a consultant, I have been involved with several "scrap and rebuild" projects. Unfortunately I am most often requested to get involved after the decision was made and action taken with unsatisfactory results. It bets escalated and people such as myself are asked to pick up the pieces.

While there are always exceptions and edge cases, I will say for a vast majority of situations, a flat rebuild is only managable for microbusiness sized networks. Think 5 users, one server, very few files, and no custom group policies or ACLs.

Anything larger and there are always undocumented gotchas that cause pain for users and ballooning costs; either for the business paying for the rebuild, or for the IT contractor who quoted a price and needs to honor to it, even as time spent skyrockets.

So for your questions:

1) yes. And never (and I do mean *never*) have I seen anybody happy with the process with a network the size you are talking about.

2) you'd want a good auditing tool for this. In this situation, given your network size, maybe spiceworks or rapidfiretools would be appropriate.
0
 
LVL 34

Assisted Solution

by:it_saige
it_saige earned 1000 total points
ID: 40492182
To add to what Cliff has already stated.  In *most* cases where I have seen unsatisfactory results, it was because the user experience was not taken into account.  Granted, there are plenty of gotcha's like:
1.  Service-based relationships to AD accounts.
2.  File and share ACL's.

But the one that is most often overlooked are the user profile(s) on the local machine.

-saige-
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question