Wednesday, May 12, 2010

Active Directory Forestry

If you're not familiar with Active Directory, you're probably wondering as to what kind of tree Active Directory tree, and if you are familiar with Active Directory, you know exactly what kind of tree Active Directory is (; correct, its an inverted hierarchical tree.)

And no its not your regular real-life tree, but rather a relationship tree of (instances of) objects each of which happen to store meaningful data and happened to be either a parent or a child, although it can afely be said that all parents were also children once.

Alright, let this not confuse you further - this is basically a non-techie's blog on a techie subject, and thus the arcane approach, partly meant to vex you and partly to amuse you, but mostly to share and educate!

Now that I've sown the sapling, over time, we'll see this tree grow!

Happy shoveling,
Benjamin

2 comments:

  1. Hi Ben,

    I think of Active Directory Security as being critical to business these days and Active Directory Auditing is very important.

    Personally, I've found that the need to audit what is being audited in Active Directory is equally important as well.

    I recently came across a cool Active Directory ACL Export/Dump Tool and have been using it for these audits.

    I thought you might find my experience with How to audit / find out what is being audited in Active Directory helpful so thought of sharing it with you.

    Adios,
    Will

    ReplyDelete
  2. Hi Ben,

    As Domain Admins / Enterprise Admins we often delegate administrative tasks in Active Directory and from time to time need to know who is delegated what access in Active Directory.

    In my experience, I have found that it how to find out who is delegated what access in Active Directory is not as easy as it seems, but in fact can be quite difficult.

    I've seen many admins try to use a Permissions Analyzer for Active Directory but finding out who has what permissions in Active Directory is not the same thing.

    I recently came across an Active Directory Audit Tool that makes is super easy to find out who is delegated what access in Active Directory. Thought you may like to know.

    Cheers,
    Bob

    ReplyDelete