Review the nested group structures
The central component of every Active Directory (AD) is the group concept. Administrators use groups to assign access rights and resources to individual users or user groups that results in nesting. For example, the Marketing group provides access rights to the corresponding department file server directories.
Simultaneously, the group is also a member (or nested member) of the Access Wlan 4th floor group. The ARM AD Graph displays the nesting structure in your Active Directory and helps you recognize grown structures and adjust structural errors.
-
Log in to the Access Rights Manager application.
-
Click Accounts to display the AD Graph view.
-
Locate an AD group.
-
In the Search field, enter the targeted AD group name—for example, Marketing. Under Groups, select the targeted result.
-
If you cannot locate your targeted resource, click See more results.
-
-
Review your search results.
The Marketing group is the focus of this analysis.
In the left column, the Parents tab lists additional groups in the AD graph where the Marketing group is a member. These groups are called parents. All direct and indirect parent groups are listed in the left column. Indirect parents are indicated with a blue arrow.
In the top right column is the group name. The Children tab lists all direct and indirect children associated with the group.
On the AD graph, you can open and close the individual branches by clicking the highlighted icon. The listed number indicates the number of direct parents or children.