Monday, October 29, 2012

Permissions Analyzer for Active Directory

I administer a small Windows Server based network comprised of a few 100 user accounts here in Dubai. Recently we had a situation wherein we needed to find out where all one of our service accounts has permissions in Active Directory, so we went searching for a Permissions Analyzer for Active Directory.

I initially came across a tool called Permissions Analyzer for Active Directory from a company called SolarWinds, so I downloaded it but found that it does not actually analyze permissions in Active Directory, but only does some on files. It was unfortunate that the name seems to be a bit misleading.

So, we went out looking again and I came across a tool called Liza, which is a free Active Directory Security Analysis tool, so we downloaded it and tried it out, but it too could not help us find the exact set of permissions we were looking for.

Upon some more searching on YouTube, I came across a video of a tool called Gold Finger for Active Directory, which too has an Active Directory Permissions Analyzer, so we downloaded a trial and tested it out.

We were quite happy with Gold Finger's permissions analysis capabilities, because it allowed us to do what we wanted to i.e. find out who is delegated what access in Active Directory. We are in the midst of completing our evaluation and if all goes well, should end up getting a license.

I just wanted to share a link to the video I came across as I thought others might find it useful as well.

If you're looking for a comprehensive Active Directory Permissions Analyzer, I recommend checking out the Gold Finger. You can download it from - Permissions Analyzer for Active Directory Download.


Friday, June 18, 2010

Hello World!

Hello World,

I'm Armen and this is my little corner on the web, where I am planning to share my little 2 Dirhams with you on things that I work on and things that I enjoy. 
For starters, here is a beautiful shot of the magnificent Burj Al Arab from our lovely Jumeirah Beach -

If you are wondering as to what on earth Port 389 is (the name of my blog), it is simply a networking port that is used by one of my favorite technologies, called the Active Directory.

As a Windows administrator, I spend a lot of my time working with this technology, and so I thought of using Port 389 as the name of my blog. It also coincidentally happens to be the number of my apartment, and since that seemed a little more than a coincidence, I am now blogging on Port 389!

Thank you for stopping by and please come back soon again!