Re: Domain Admin removed
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 30 Mar 2006 22:26:45 -0600
I would not think what he did was unusual necessarily but I don't know all
the details. There are free tools you can use such as dumpsec that can scan
computers for folder and share permissions but it can not be configured to
look for only folders that a specific user has only permissions for his user
account. Showacls is supposed to be able to look for permissions by user but
I have had flaky results for it. You can use subinacl to search for the
owner of folders and a WHOLE lot more on a computer once you figure out it's
syntax. That user may be the owner of such folders. The links below may
help. --- Steve
http://www.somarsoft.com/ -- dumpsec
http://technet2.microsoft.com/WindowsServer/en/Library/ed34eee3-7dbd-44c6-8fb8-8b8b2c6f06dc1033.mspx
--- showacls, subinacl, and others
http://www.microsoft.com/downloads/details.aspx?FamilyID=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
--- subinacl download
"Dennis Burgess" <dmburgess@xxxxxxxxxxxx> wrote in message
news:uYT%23W$DVGHA.5592@xxxxxxxxxxxxxxxxxxxxxxx
I have a user that was a domain admin. I have found several folders sitting
out there on various servers that have been restricted to his user account
only, I had to take ownership to be able to delete the folders.
Is there a program that can scan my servers for these weird security
permissions looking for other things that he may have done?
Dennis
.
- References:
- Domain Admin removed
- From: Dennis Burgess
- Domain Admin removed
- Prev by Date: Re: Remote desktop: cannot logon interactively (please help...)
- Next by Date: Re: Disappearing .doc files
- Previous by thread: Domain Admin removed
- Index(es):
Relevant Pages
|
