Announcement

**cmccullough** · 10-08-2009, 09:23 AM

Re: Report for share members with no AD object

Do you mean permissions where the user or group has been deleted from AD?

**Guest** · 10-08-2009, 09:46 AM

Re: Report for share members with no AD object

Yes that is exactly correct. Thanks for your quick response.

**Guest** · 10-08-2009, 09:55 AM

Re: Report for share members with no AD object

To further explain we have situations that look like the following: \\oursvr\share$ has a few members with full control, a few with read only, and so forth. Some of those people are no longer with our company and have been deleted from AD. So i need to go through and remove them from the share. Does that explination help out more?

**cmccullough** · 10-08-2009, 09:59 AM

Re: Report for share members with no AD object

If they were AD objects, and then were deleted they wouldn't still show up that way, though. You see the SID for them because it can't be resolved to an account. Is it possible what you are seeing are local accounts?

**Guest** · 10-08-2009, 12:09 PM

Re: Report for share members with no AD object

So is it possible to have a report that tells me each sid that cant be resolved to any account in AD? We have some local and some domain accounts from what i can tell.

**kstanush** · 10-08-2009, 12:09 PM

Re: Report for share members with no AD object

When an account is deleted, the security assignments stay on the share or other objects that it may have been assigned to. For share security, Hyena does not show accounts that have been deleted. I just now did a test and Windows actually returned an error for accounts that had been deleted, which you would see when the Share Properties were accessed. What essentially happens is the deleted entries are not shown, and if you modify any security info, then the new security information will replace what is there, effectively 'removing' the deleted entries.

We don't have a way of automating this process, however.

**cmccullough** · 10-08-2009, 02:58 PM

Re: Report for share members with no AD object

I'm not sure if this will help, but you can use Exporter Pro to export share security, and for those entries where there isn't a matching account found you will see SID_ERROR. If you want to try that you can select the server(s) in Hyena then go to Tools->Exporter Pro->Export From Selected Objects. Click the Settings button then double-click on Security Access. Enable it, then choose the share types you want to report on, then OK, Close and Start Export.

When it is finished click the Open With button and choose Excel.

Announcement

Report for share members with no AD object

Report for share members with no AD object

Comment

Comment

Comment

Comment

Comment

Comment

Comment