Clean up access control list

Stefan Effenberger

IT Documentation Expert

last updated

19

.

 

July

 

2024

Reading time

3 Minuten

>

>

Clean up access control list

... or never again laboriously search the ACL of the file servers for dead SIDs.

Do you like crime stories? Based on the countless crime films and series that we encounter everywhere on TV or its more modern versions of Netflix and Co., the chances are pretty good that you too are not averse to a good crime series. It is less important which type of commissioner you pledge your allegiance to. Whether, like me, you prefer the “Columbo” variant, followed the streets of San Francisco or prefer to stay in the big city areas in our latitudes. Every good crime series needs one thing. A corpse. What would a crime thriller be without a passable victim who mysteriously eliminated from reality? And what would a good crime thriller be without a brilliant inspector who would not get on with even the worst and thoroughly washed contemporaries?

So we can come to the conclusion that no action or reconnaissance can take place without the body. Ideally, the victims of crime stories are usually lying around somewhere in the way and someone stumbles across them more or less by accident.

A completely different caliber of crime story is playing out on our file servers. It may be full of dead SIDs and no one notices it. After all, no one stumbles across it. By the way, SID means”Security Identifier“and is a unique security identifier that permanently identifies every user and group in a Windows AD.

Our crime thriller is playing on our file server, the victim (s) are the orphaned ACL entries and the main actor is Inspector Docusnap.

Unlike on television, we don't just stumble across it and our “corpses” may be a bit older. With Docusnap, however, we also have the right snoop in our ranks who uncovers exactly such grievances and reliably forwards his report to us.

Once configured, Docusnap can show us a current report at any time as to whether orphaned entries can be found in the access control lists and shows all “dead” SIDs neatly sorted by system. Since Docusnap has access to all IT servers and this information is also kept up to date at all times, nothing is left out in forensics and no detail is overlooked.

In our short video, we show how easy it is for everyone to find out about the “Tatort Server” and keep it clean.

With Docusnap, there are no unsolved cases in our crime series. Relentlessly and with meticulous accuracy, we are not giving even the petty crook a chance. For some, this is a big deal; for Docusnap, it's just another small step towards optimal security in our networks.

Here's how it works in Docusnap:

Additional Information

Here you find further information on the topic

Button Text

Curious? Try Docusnap
in your own environment.

Full functionality
Free for 30 days.

Next Article