Identify and delete unresolved SIDs
Background / Value
SIDs (Security Identifiers) are character strings that are used to identify user and group accounts in Active Directory. SIDs become unresolved when users or groups with direct access rights on file servers are deleted in AD.
By using unresolved SIDs insider threats can gain access to sensitive resources. ARM clearly identifies unresolved SIDs in your system allowing you to delete them.
Remove unresolved SIDs in bulk (web client)
- Select Dashboard.
- Click Unresolved SIDs.
- Enter a title for the report and add a comment.
- Define the range of the report.
- Define the desired report settings.
- Start the report.
Open the report in your spreadsheet application.
- Switch to the file server tab.
- All unresolved SIDs are listed in the report.
- Select Resources.
- Select an affected directory.
- Right-click on the directory and select Modify access rights... from the context menu.
- Right-click the unresolved SID.
- Select Remove from the context menu.
- Click Apply.
- ARM lists all planned changes.
- You must enter a comment.
- Start the process.