Sunday, July 25, 2010

Where are AD Groups Used?

Utilizing Varonis DatAdvantage, one can determine how an Active Directory group is being used on a file server. To find where a security group is applied to a folder directly, run the 4a – Effective Permissions for User or Group report. You need to select each File Server that you want Varonis to investigate and since we are only interested where the group is in the “ACL” there are two options that need to be selected and set to True:
  • "Show only direct permissions"
  • "Distinguished unique"

This allows you to see every folder where the security group is directly applied.

No comments:

Post a Comment