Documentation forAccess Rights Manager

Remove unresolved SIDs in bulk (web client)

Background / Value

SIDs (Security Identifiers) are strings that are used to identify user and group accounts in Active Directory. SIDs become unresolved when users or groups with direct permissions are deleted in AD. By using unresolved SIDs insider threats can gain access to sensitive resources.

Access Rights Manager clearly identifies unresolved SIDs in your system. Delete unresolved SIDs in bulk using the web client.


Related features

Identify and delete unresolved SIDs (rich client)

Report: Identify unresolved SIDs (rich client)


Step-by-step process

  1. Select "Analysis".
  2. Select the category "Directories".
  3. Click "Unresolved SIDs in directories".


  1. Select the file servers.
  2. Start the calculation.


  1. Access Rights Manager lists all directories with unresolved SIDs.
  2. Use sorting, filtering, grouping and column selection to locate the desired rows.
  3. Select the desired entries.
  4. Click "Remove ACE".


  1. You must enter a comment.
  2. Click "Execute Action".

The job will be transferred to the Access Rights Manager server and executed there. You can find the status in Jobs overview.