Security Group Management Resultant Access Reports
Active Directory domain security group management resultant access reports are essential for identity, security and access management as well as for managing distributed access across the IT infrastructure.
Gold Finger offers the following Active Directory based domain security group management resultant (i.e. effective/delegated) access reports –
- Who can create security groups?
This Active Directory resultant access report reveals exactly who can create security groups in Active Directory, where they can create them (i.e. in which OUs / containers), and how (i.e. based on which security permissions.)
.
- Who can delete security groups?
This Active Directory resultant access report reveals exactly who can delete security groups in Active Directory, which security groups they can delete, and how (i.e. based on which security permissions.)
.
- Who can change security group memberships?
This Active Directory resultant access report reveals exactly who can change security group memberships in Active Directory, which group memberships they can change, and how (i.e. based on which security permissions.)
.
- Who can add/remove oneself to/from the membership of security groups?
This Active Directory resultant access report reveals exactly who can add/remove their own account to/from a security group in Active Directory, to/from which groups, and how (i.e. based on which security permissions.)
.
- Who can change security group scopes?
This Active Directory resultant access report reveals exactly who can change security group scopes (i.e. Builtin, Domain Local, Global or Universal) in Active Directory, which groups' scopes they can change, and how (i.e. based on which security permissions.)
.
- Who can change security group types?
This Active Directory resultant access report reveals exactly who can change security group types (i.e. Distribution, Security) in Active Directory, which groups' types they can change, and how (i.e. based on which security permissions.)
.
- Who can change the group name (Pre-Windows 2000) of security groups?
This Active Directory resultant access report reveals exactly who can change the group name (Pre-Windows 2000) of security groups in Active Directory, on which security groups, and how (i.e. based on which security permissions.)
.
- Who can change the description of security groups?
This Active Directory resultant access report reveals exactly who can change the description of security groups in Active Directory, which groups' descriptions they can change, and how (i.e. based on which security permissions.)
.
- Who can change the email-address of security groups?
This Active Directory resultant access report reveals exactly who can change the email-address of security groups in Active Directory, which groups' email-addresses they can change, and how (i.e. based on which security permissions.)
.
- Who can change notes annotated for security groups?
This Active Directory resultant access report reveals exactly who can change the notes annotated on security groups in Active Directory, which groups' notes they can change, and how (i.e. based on which security permissions.)
.
- Who can change the designated manager of security groups?
This Active Directory resultant access report reveals exactly who can change the designated manager of security groups in Active Directory, of which groups, and how (i.e. based on which security permissions.)
.
- Who can change the security permissions protecting security groups?
This Active Directory resultant access report reveals exactly who can change the security permissions (ACL) protecting security groups in Active Directory, which groups' security permissions they can change, and how (i.e. based on which security permissions.)
.
|
|
|
