Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows 2003 -- Active Directory "Group" report ?

Posted on 2014-12-10
2
108 Views
Last Modified: 2014-12-23
I plan to trash my entire Windows 2003 AD
and create a brand new Windows 2012 AD since
lots has changed and I want to only bring
over the needed items for the 100 users.

 1. Has anyone else trashed an entire DC and rebuilt it ?
 2. How can see something like the below on ONE report ?

--------------------------------------------------------------

GROUP_AC1_RW
  John Doe
  Jane Doe
  Barb Smith

GROUP_AC1_RO
  John Smith
  Jane Smith
  Barb Doe

etc .......
0
Comment
Question by:finance_teacher
2 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 40492001
As a consultant, I have been involved with several "scrap and rebuild" projects. Unfortunately I am most often requested to get involved after the decision was made and action taken with unsatisfactory results. It bets escalated and people such as myself are asked to pick up the pieces.

While there are always exceptions and edge cases, I will say for a vast majority of situations, a flat rebuild is only managable for microbusiness sized networks. Think 5 users, one server, very few files, and no custom group policies or ACLs.

Anything larger and there are always undocumented gotchas that cause pain for users and ballooning costs; either for the business paying for the rebuild, or for the IT contractor who quoted a price and needs to honor to it, even as time spent skyrockets.

So for your questions:

1) yes. And never (and I do mean *never*) have I seen anybody happy with the process with a network the size you are talking about.

2) you'd want a good auditing tool for this. In this situation, given your network size, maybe spiceworks or rapidfiretools would be appropriate.
0
 
LVL 33

Assisted Solution

by:it_saige
it_saige earned 250 total points
ID: 40492182
To add to what Cliff has already stated.  In *most* cases where I have seen unsatisfactory results, it was because the user experience was not taken into account.  Granted, there are plenty of gotcha's like:
1.  Service-based relationships to AD accounts.
2.  File and share ACL's.

But the one that is most often overlooked are the user profile(s) on the local machine.

-saige-
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question