Adaxes

"Active" Active Directory groups

0 votes

Hello All

We have a question in regards to checking the Active Directory forest for currently active groups. With the automation process begininning for adding groups to each person based on their jobCode, we need to weed out the groups that don't actually control anything anymore. We are looking for a suggestion, script or tool on how to accomplish this so we can weed out the groups that do not control anything.

Thank you

by (3.2k points)
0

Hello,

Could you specify exactly which groups should be deleted? How do we define that a group is inactive?

by (289k points)
0

Our AD structure has been in place for many years and many incarnations of Admins before me. We know we have a few group (Office or internet) that were created way back when and no longer control anything in our environment. We are looking to discontinue using these groups and wanted to find all the groups that have been orphaned and no longer control anything.

by (3.2k points)
0

Hello,

find all the groups that have been orphaned and no longer control anything

How exactly do you define these groups? Are these groups that have no Security Roles assigned?

As a solution, you can delete all the groups created more than a certain number of days ago. Does it meet your needs?

by (289k points)
0

Sorry, that would not meet our needs. We need to be able to verify without breaking the entire organization, that groups that do not control anything can be disabled and then turned off. We were looking to see if we had a way to check for groups to be "called" upon in AD.

by (3.2k points)
0

Hello,

Sorry, but we don't quite get which groups you want to delete? There is no such notion as 'active' or 'inactive' groups in AD, so you need to define it yourself. Maybe, you are searching for a way to clean up groups without any members in them? What are the criteria? Please explain.

by (216k points)
0

Ok, we are gong a different way to test "active"groups. Sorry for any confusion.

by (3.2k points)

Please log in or register to answer this question.

Related questions

0 votes
1 answer
Why don't I see all Active Directory groups in self service

We are testing Adaxes. After installing I tried the Self Service portal. I was impressed with how much it automatically found right out of the box. When I click on join a ... control this? How would I get it to see groups that are not showing? Thanks, Randy

asked Apr 25 by rjangelin (20 points)
0 votes
1 answer
Does Adaxes show active directory change history and auditing?

We have a client that is using another product for tracking change history and Active Directory auditing. Does Adaxes provide such tracking for Active Directory objects, passwords, etc. ?

asked May 7 by daviddickerson (20 points)
0 votes
1 answer
Support for Active Directory function level 2016 and Adaxes version 2014.1

We are in the process of updating our Active Directory Domain Controllers to server 2022 and the Domain/Forest function level. Our concern is that we still have Adaxes ... version of Windows server for our DCs and the Domain/Forest function level of 2016?

asked Oct 11, 2023 by sphoeinix (20 points)
0 votes
1 answer
Assign a group in Active Directory based on a users "Office" and "Description"

Hi we are trying to add users to a group based on the values of their "Office" and "Description" attributes within Active Directory. We have populated the below ... $Context.LogMessage("No matching criteria found for User $($Context.TargetObject.Name).") }

asked Sep 18, 2023 by Loopy8822 (20 points)
0 votes
1 answer
Report showing users who are inactive in both our on-premise Active Directory and Azure Active Directory?

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
3,552 questions
3,242 answers
8,243 comments
547,828 users