Announcement

Collapse
No announcement yet.

Report for share members with no AD object

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Report for share members with no AD object

    Hello,

    I need to create a report on our shared drives where the shares have objects with permissions, but those objects do not exist in AD. We have only one domain, so no special needs there. Please let me know if there is an easy way to do this in hyena. Thanks for your help!

  • #2
    Re: Report for share members with no AD object

    Do you mean permissions where the user or group has been deleted from AD?

    Comment


    • #3
      Re: Report for share members with no AD object

      Yes that is exactly correct. Thanks for your quick response.

      Comment


      • #4
        Re: Report for share members with no AD object

        To further explain we have situations that look like the following: \\oursvr\share$ has a few members with full control, a few with read only, and so forth. Some of those people are no longer with our company and have been deleted from AD. So i need to go through and remove them from the share. Does that explination help out more?

        Comment


        • #5
          Re: Report for share members with no AD object

          If they were AD objects, and then were deleted they wouldn't still show up that way, though. You see the SID for them because it can't be resolved to an account. Is it possible what you are seeing are local accounts?

          Comment


          • #6
            Re: Report for share members with no AD object

            So is it possible to have a report that tells me each sid that cant be resolved to any account in AD? We have some local and some domain accounts from what i can tell.

            Comment


            • #7
              Re: Report for share members with no AD object

              When an account is deleted, the security assignments stay on the share or other objects that it may have been assigned to. For share security, Hyena does not show accounts that have been deleted. I just now did a test and Windows actually returned an error for accounts that had been deleted, which you would see when the Share Properties were accessed. What essentially happens is the deleted entries are not shown, and if you modify any security info, then the new security information will replace what is there, effectively 'removing' the deleted entries.

              We don't have a way of automating this process, however.
              Kevin Stanush
              SystemTools Software Inc.

              Comment


              • #8
                Re: Report for share members with no AD object

                I'm not sure if this will help, but you can use Exporter Pro to export share security, and for those entries where there isn't a matching account found you will see SID_ERROR. If you want to try that you can select the server(s) in Hyena then go to Tools->Exporter Pro->Export From Selected Objects. Click the Settings button then double-click on Security Access. Enable it, then choose the share types you want to report on, then OK, Close and Start Export.

                When it is finished click the Open With button and choose Excel.

                Comment

                Working...
                X