Dear visitors, I hope you have been well! I haven't had much time to write here, I have been quite busy (I know, we all are!). In the beginning of June, I managed to get quite badly ill after a fitness session. Nothing sport related, rather the effort triggered a
Identifying nested group membership in Active Directory for audit reports and security access reviews
Hello, I'm back with an Active Directory / VBS article for a change. Many of those who work in a corporate environment may be challenged by business entities and folder/share/application owners to deliver a report of who has access to a folder/share/application. In simple Active Directory implementations, group membership is
Codename Clarity
Have you ever dealt with Active Directory nested group memberships? Have you ever gone through a whole file server trying to figure out who has real, effective permissions on specific folders? Does it sounds like “been there, done that” to your ears? Well, me too. I’ve had to deal with
EventID 2080 – DsAccess & SACL Right fix
We’ve had one of our AD Domain Controllers reporting that it didn’t have the SACL right. This was logged constantly on event ID 2080. We tried nearly everything but without success. This morning I came up with a solution to fix it, while trying to desperately find the ntSecurityDescriptor property
Smooth monday (almost)
Despite dealing with the (bad) tonsillitis, today (especially towards the end) proved to be productive. On tonight’s menu : dead domain controller demotion, plus checking Service Principal Names duplicate entries. That made me discover a lovely little utility included in windows : LDP.exe Removing the SPN entry drove our Sharepoint