Problem solve Get help with specific problems with your technologies, process and projects.

Displaying group permissions within a network

I would like to know if there is a way to display what permissions a group or a user has within the network. For example, we have a shared folder on the network called "Public" with contains a large amount of folders and subfolders. On the most part permissions are assigned to each folder using Domain Local groups, and AGDLP is followed to the letter for most folders.

However, there are a number of folders which have permissions assigned using legacy groups from when the network was an NT domain. I don't want to delete these groups yet as I think they may be still used on some of the older public folders. I therefore want to look at each individual old group and find out where they have permission to on the public folders without going through hundreds of folders to check the permissions. Is there any way this can be done?

There's a tool you might find useful for learning more about who has access to what. It's a freeware program from the folks at Sysinternals, called AccessEnum. This allows you to audit both the file system and the Register, and get detailed security information about a given directory or directory tree. It does require some digging, but the amount of work required to audit a whole directory tree or even a whole system is nowhere near what it would be to do this manually.

Dig Deeper on Windows administration tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.