Announcement

Collapse
No announcement yet.

How to check if a AD group is used?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to check if a AD group is used?

    I have a client who didnt document anything and the whole AD structure is a shambles.
    They have a number of security groups with users added to them but from what Ive seen they havent implemented these security groups anywhere. Now my question is can I audit their fileserver for example and see if they actually use these groups anywhere before I delete the group?

  • #2
    Re: How to check if a AD group is used?

    If you open a command prompt and type the following command:
    xcacls *.* /t >C:\ListAcl.txt
    Then a textfile is created with all user and groups which have permission.
    Search this file for the groups you wish to delete.
    There are olso 3th party tools with reporting functions like "Enterprise Security Reporter" from Scriptlogic.

    Regards,

    Mathieu

    Comment

    Working...
    X