Tool for outputing ACLs to the individual user level?
Hi Everyone,
Client areas at work are after a tool that will allow them to:
1) Output the ACLs for a user specified drive/share/directory/file; AND
2) If the object on the ACL is a group, recursively enumerate the members of this group until it gets down to an individual user level
Basically the client wants to be able audit who has access to their data and ammend appropriately.
I have found a bunch of stuff that solves one part of the problem but not both, at present we are looking to develop our own tool as we just can't find anything matching our requirements at this stage but I thought I would check to see if anyone at AO had seen or used such a tool.
At this stage we are considering:
Develop script that outputs results to HTML - run by Admins
Develop a tool that can be run by clients that is much more graphical.
There is a few issues still to be solved such as:
Who will run the tool
What permissions they will need on AD and the ACL (which will help determine Who will run the tool)
but what I am after is any ideas on tools that may already be out there for this purpose
Thanks