[BRTiger]

My buddy and I are about to begin operating in an environment(Windows Server 2000 and 2003) that has a ton of users, but all have password and access configurations set up on an individual level (if at all). We're trying to find an easy command, or report that can be run where we can see the settings for all individual user accounts.

I'm thinking that the Access configs can be best determined by running a CACLS command, but I have no idea what to do about the other settings(i.e password, etc.). Any info, or suggestions you might think are helpful in this situation would be greatly appreciated....thanks!!!!

[Advertisements]

i assume you're going to work for a decent sized company? also assuming this is a domain with this many users

check out Enterprise Security Reporter by scriptlogic...it can do full NTFS permission audits as well as AD security audits etc... this should list who has permissions where..

as far as the passwords are concerened....i'd enact a password policy on the domain and force everryone to change their passwords...then you don't have to worry about that stuff....there's no real legitimate way to actually check everyone's passwords...there are ways to check and see if they are required to have one etc...but i'll have to dig a little for those

[dsenette]

i assume you're going to work for a decent sized company? also assuming this is a domain with this many users

check out Enterprise Security Reporter by scriptlogic...it can do full NTFS permission audits as well as AD security audits etc... this should list who has permissions where..

as far as the passwords are concerened....i'd enact a password policy on the domain and force everryone to change their passwords...then you don't have to worry about that stuff....there's no real legitimate way to actually check everyone's passwords...there are ways to check and see if they are required to have one etc...but i'll have to dig a little for those