Re: SID security folder permissions for deleted AD user
- From: "Tony Murray" <tony@xxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 12 Jun 2005 19:57:51 +1200
The SIDs will not be purged automatically. This is why it is generally
preferable to use groups, rather than assign permissions directly to user
objects, as groups do not change as often.
It shouldn't be too difficult to put together a script that cycles through
folder permissions on servers to look for matches against existing AD
objects and then report any objects that don't match.
Tony
www.activedir.org
"Barry Hallman" <BarryHallman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AFEF7964-58BA-43B8-BFED-E86F140A08D1@xxxxxxxxxxxxxxxx
> My network necessarily has many users that are assigned explicit security
> rights on several folders. When one of these users is deleted in AD, I
> have
> checked the security settings on the folders and find that the user name
> has
> been replaced by an SID with the same permissions. Do these SIDS for the
> deleted users get purged from the system automatically? If so, what
> triggers
> this event? If not automatically, is there an easy way to perform this
> function? Thanks in advance
.
- References:
- SID security folder permissions for deleted AD user
- From: Barry Hallman
- SID security folder permissions for deleted AD user
- Prev by Date: Re: Removing One Server from Group Policy
- Next by Date: Re: Recommended DNS Configuraiton on AD/DNS Server
- Previous by thread: SID security folder permissions for deleted AD user
- Next by thread: Re: SID security folder permissions for deleted AD user
- Index(es):
Relevant Pages
|
