Accounts without authorization

Just as in the file system, it is also necessary in the AD to carry out cleanups at regular intervals. In addition to the user accounts, there is often a multiple of groups in the Active Directory. Many of these groups are created by setting permissions on directories. But the directory structure is constantly changing, which is why many groups are orphaned again after a short time.

You can search specifically via:

  • Search for a task-specific name part, eg the prefix "fs_"
  • a special storage location in the AD

The result is a list of all groups that are currently no longer used in any ACL. The prerequisite for this is that all ACLs in the DB of migRaven ie. the directories have to be project in migRaven be read.
Otherwise, no directories of migRaven to be analyzed.


With this menu you can optimize the search.

If you are searching for directly authorized groups, select this form.


The list can be used for further use eg. in PowerShell scripts as an excel file.
Before deleting the accounts should be consulted in any case, so that not deleted accounts are still needed.

Permanent link to this post: