Re: User rights analysis
- From: MikeZ <mziakasnospm@xxxxxxxxxxx>
- Date: Thu, 08 Sep 2005 21:26:52 -0700
On Thu, 8 Sep 2005 22:15:56 +0400, "Dmitry Korolyov [MVP]"
<d__k@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>Cannot be done using built-in tools. You should understand that this is a
>very hard thing to do, because in order to see the list of all permissions
>for a certain user on all resources in a forest, you first need to know
>which and which kinds of resources exist in this forest.
Agreed a very difficult thing to do, but it actually is possible now
through a 3rd party app called MyView. It's in it's baby stage and IMO
needs some more functionality but it basically creates a namespace for
each user in a domain. This "personal" namespace contains all the
resources the user has permissions to and can be mapped as a drive. It
can also determine which users have permissions to a shared resource.
It appears to use effective permissions and a bit of magic! Very very
cool but as I said IMO still needs some work as it doesn't have any
ability to output this information to say a file or printer... yet. I
can see a couple of other additions that would make this a kick ass
product. It's definitely something to check out as it fills a big hole
in AD where auditing permissions are concerned. The personal namespace
is also quite a benefit to users.
Disclaimer - No I do not work for the company or get compensation in
anyway but I do know a product with potential when I see it! :) YMMV
http://www.nuview.com/products/myview.asp
Mike
.
- References:
- User rights analysis
- From: woodchip
- Re: User rights analysis
- From: Dmitry Korolyov [MVP]
- User rights analysis
- Prev by Date: Query Based Distribtion lists
- Next by Date: Re: AD Domain name versus Internet Domain name
- Previous by thread: Re: User rights analysis
- Next by thread: Certificate Request Wizard
- Index(es):
Relevant Pages
|
